git clone https://github.com/certat/exchange-scans.git
$ python3 scan.py –path ‘/autodiscover/autodiscover.json?@itpro.com.tr/owa/?&Email=autodiscover/autodiscover.administrator%3F@xxx.com.tr’ \
–scheme ‘https://’ \
–patched $(date -Id)-patched.txt \
–unknown $(date -Id)-unknown.txt \
CVE-2021-34473 exchange-ips-at.txt $(date -Id)-vulnerable.txt
çıktı sonucu
cat 2021-11-28-patched.txt
“xxxxx”,”2021-11-28T18:07:52+00:00″,”15.1.1261″,”Exchange Server 2016 CU7“
Etkilenen Sistemler
Aşağıdaki sistemlerin etkilendiği belirtilmiştir;
- Microsoft Exchange Server 2019 Cumulative Update 9
- Microsoft Exchange Server 2016 Cumulative Update 23
- Microsoft Exchange Server 2013 Cumulative Update 8
- Microsoft Exchange Server 2016 Cumulative Update 19
- Microsoft Exchange Server 2019 Cumulative Update 20
Çözüm Önerileri
Aşağıdaki tabloda belirtilen güncellemelerin yüklenmesi önerilmektedir.
| Ürün | Makale | Güvenlik Yaması |
|---|---|---|
| Microsoft Exchange Server 2019 Cumulative Update 9 | 5001779 | Security Update |
| Microsoft Exchange Server 2013 Cumulative Update 23 | 5001779 | Security Update |
| Microsoft Exchange Server 2019 Cumulative Update 8 | 5001779 | Security Update |
| Microsoft Exchange Server 2016 Cumulative Update 19 | 5001779 | Security Update |
| Microsoft Exchange Server 2016 Cumulative Update 20 | 5001779 | Security Update |
ilgili adresede gerekli güncelleme uyarısı verilmiştir.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
exchange serverınızın ilgili vulnerability durumu için
map –script http-vuln-cve2021-26855.nse x.x.x. komutuyla bilgi alabilirsiniz. örnek çıktıda hassas olarak görünmekte
map –script http-vuln-cve2021-26855.nse x.x.x.x
Starting Nmap 7.91 ( https://nmap.org ) at 2021-11-28 13:27 EST
Nmap scan report for mail.x.x.xx. (x.x.x.x)
Host is up (0.016s latency).
Not shown: 995 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
| http-vuln-cve2021-26855:
| VULNERABLE:
| Exchange Server SSRF Vulnerability
| State: cevi
| IDs: CVE:CVE-2021-26855
| Exchange 2013 Versions < 15.00.1497.012, Exchange 2016 CU18 < 15.01.2106.013, Exchange 2016 CU19 < 15.01.2176.009, Exchange 2019 CU7 < 15.02.0721.013, Exchange 2019 CU8 < 15.02.0792.010 are vulnerable to a SSRF via the X-AnonResource-Backend and X-BEResource cookies.
|
| Disclosure date: 2021-03-02
| References:
| http://aka.ms/exchangevulns
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26855
587/tcp open submission
4444/tcp open krb524
8443/tcp open https-alt
Nmap done: 1 IP address (1 host up) scanned in 5.42 seconds
