• Creation
  • Validation
  • Communication & fix
  • Disclosure

Europa.eu / Microsoft Exchange Server is outdated

zythop reported 2021-11-16

The following Exchange Server is publicly accessible and looks out-dated : https://webmail.eurofound.europa.eu

It is critical to update to a safe version as soon as possible since multiple CVEs allow remote attackers to DoS or achieve RCE (Remote code execution) on the server. Those vulnerabilities are currently used in ransomware campaign and could damage your network.

This prevention reports are identified and dispatched with the help of https://twitter.com/HaboubiAnis

Reference:

IP:
193.1.10.137
Port:
443
Detected protocol:
https
Found Exchange server: 
Build: 15.1.2308.14
Version: 2016CU21+KB5004779
Build date: 6/2021
Affected by CVE-2021-42321
Affected by CVE-2021-26427
Affected by CVE-2021-41348
Found by ExchangeVersion 2021-11-16
IP:
193.1.10.137
Port:
443
Detected protocol:
https
Found Exchange server: 
Build: 15.1.2308.14
Version: 2016CU21+KB5004779
Build date: 6/2021
Affected by CVE-2021-42321
Affected by CVE-2021-26427
Affected by CVE-2021-41348
Found by ExchangeVersion 2021-12-01
IP:
193.1.10.137
Port:
443
Detected protocol:
https
Found Exchange server: 
Build: 15.1.2308.14
Version: 2016CU21+KB5004779
Build date: 6/2021
Affected by CVE-2021-42321
Affected by CVE-2021-26427
Affected by CVE-2021-41348
Found by ExchangeVersion 2022-01-05
Report created by zythop  2021-11-16
Report edited by zythop  2021-11-16
Report approved by BloodyShell  2021-11-16
New PDF report generated by system 2021-11-16
Report dispatched to ...@... by system 2021-11-16
Report edited by BloodyShell  2021-11-16
New PDF report generated by system 2021-11-16
Report comment dispatched to BloodyShell by system 2021-11-16
Report comment dispatched to iampritam by system 2021-11-16
Report comment dispatched to fokoil by system 2021-11-16
Report comment dispatched to thLambda by system 2021-11-16
Report comment dispatched to BloodyShell by system 2021-12-05
Report comment dispatched to iampritam by system 2021-12-05
Report comment dispatched to fokoil by system 2021-12-05
Report comment dispatched to thLambda by system 2021-12-05
Report edited by zythop  2021-12-14
New PDF report generated by system 2021-12-14
Report dispatched to ...@... by system 2021-12-14
Report edited by zythop  2022-01-05
New PDF report generated by system 2022-01-05
Report marked as fixed by zythop  2022-01-05
Report closed by zythop  2022-01-05
New PDF report generated by system 2022-01-05
Information
Owner Europa.eu
Created 2021-11-16 11:03
Updated 2022-01-05 19:02
Fixed true

Contacts
s...@cert.europa.eu
s...@europarl.europa.eu

Status
Status closed
Hosting contacted false
CERT contacted false

Download report