CISA description
Microsoft Exchange Server contains an information disclosure vulnerability that allows for remote code execution.
CVE-2021-31196
Microsoft · Exchange Server
Microsoft Exchange Server Information Disclosure Vulnerability
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes & references
Where this lands in 800-53
Vulnerability data triggers these controls during assessment and continuous monitoring.