Service Notices
Vulnerability Warning on Microsoft Exchange Server Authentication Bypass (CVE-2021-33766)
Sep 01, 2021 GMT+08:00
I. Overview
Security researchers outside China have disclosed an authentication bypass vulnerability in Microsoft Exchange Server (CVE-2021-33766). By constructing malicious requests, attackers can bypass identity authentication and then obtain sensitive server information. A proof of concept (PoC) has been published, and the vulnerability risk is high.
Microsoft Exchange Server is an email service component. If you are a Microsoft Exchange Server user, check your service version and implement timely security hardening.
Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33766
II. Severity
Severity: important
(Severity levels: low, moderate, important, and critical)
III. Affected Products
Affected versions:
Microsoft Exchange 2013
Microsoft Exchange 2016
Microsoft Exchange 2019
IV. Security Recommendations
Microsoft has released patches to fix the vulnerability. If your service version falls into the affected range, upgrade it to the latest secure version.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-33766
HUAWEI CLOUD WAF can defend against this vulnerability. If you are a WAF user, set the basic web protection status to Block. For details, see Enabling Basic Web Protection.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.