CVE-2021-42321
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
90.4%
p100
KEV
YES
Nov 17, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
90.4%EPSS · 30 days90.4%
2026-06-302026-07-16
Product
Microsoft / Exchange
Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Added to KEV
Nov 17, 2021
Remediate by
Dec 1, 2021
Known ransomware use
Yes
Summary description
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-42321
No related CVEs by CWE or product.