KEV Entry

CVE-2021-31196

Known Exploited Vulnerability Entry KEVIntel

Entry Details
Confirmed Exploited

CVE-2021-31196

2024-08-21 00:00 UTC


Timestamps

2024-08-21

2024-08-21


Scope

KEVIntel entry: Microsoft Exchange Server Remote Code Execution Vulnerability | Affected: Microsoft / Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10 | CVSS: 7.2 (HIGH) | Used in malware: unknown | Not yet in CISA KEV: False


References
  • {'id': 'CVE-2021-31196', 'url': 'https://www.cve.org/CVERecord?id=CVE-2021-31196'}
  • {'id': 'kevintel', 'url': 'https://kevintel.com/CVE-2021-31196'}

c70262a8-fadb-408b-bfb4-ca12d0a9ae2f

KEVIntel
caeb2787-0d58-4236-9039-7c86c3e566f3

2026-06-23 14:05 UTC

2026-07-10 06:14 UTC

Evidence
1
Type Source Signal Confidence Details GCVE Metadata
public_report kevintel successful_exploitation 0.70
View details
{
  "added_date": "2024-08-21T00:00:00.000Z",
  "ahead_of_cisa_kev": null,
  "cvss_score": 7.2,
  "cvss_severity": "HIGH",
  "epss_percentile": null,
  "epss_score": null,
  "feed": "KEVIntel (kevintel.com)",
  "not_yet_in_cisa_kev": false,
  "product": "Microsoft Exchange Server 2019 Cumulative Update 9, Microsoft Exchange Server 2016 Cumulative Update 20, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 21, Microsoft Exchange Server 2019 Cumulative Update 10",
  "title": "Microsoft Exchange Server Remote Code Execution Vulnerability",
  "used_in_malware": "unknown",
  "vendor": "Microsoft"
}
-