Enhancement: cves/2021/CVE-2021-26855.yaml by mp

cves/2021/CVE-2021-26855.yaml

@@ -1,13 +1,14 @@
 id: CVE-2021-26855
 
 info:
-  name: Exchange Server SSRF Vulnerability
+  name: Microsoft Exchange Server SSRF Vulnerability
   author: madrobot
   severity: critical
-  description: |
-    Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078.
+  description: This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file. Be aware his CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, and CVE-2021-27078.
+  remediation: Apply the appropriate security update. 
   tags: cve,cve2021,ssrf,rce,exchange,oast,microsoft
   reference:
+    - https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26855
     - https://proxylogon.com/#timeline
     - https://raw.githubusercontent.com/microsoft/CSS-Exchange/main/Security/http-vuln-cve2021-26855.nse
     - https://www.shodan.io/search?query=vuln%3ACVE-2021-26855
@@ -28,4 +29,5 @@ requests:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "http"
+          - "http"
+# Enhanced by mp on 2022/02/04