vul_app: microsoft_exchange_server_rce_vul（Rule ID：1070210191）

Release Date：2025/9/15

Rule Name：CVE-2021-42321: Microsoft Exchange Server Remote Code Execution Vulnerability

Severity：high

CVE ID：CVE-2021-42321

Microsoft Exchange Server is a set of e-mail service programs of Microsoft Corporation. It provides mail access, storage, forwarding, voice mail, mail filtering and other functions. Microsoft Exchange Server has an input validation error vulnerability. The following products and versions are affected: Microsoft Exchange Server 2019 Cumulative Update 10, Microsoft Exchange Server 2016 Cumulative Update 22, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2016 Cumulative Update 21. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference：None

Update vendor patches.