Reference:
https://github.com/microsoft/CSS-Exchange/tree/main/Security
https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server/
https://www.exploit-db.com/exploits/49663
PS: The NMAP script, http-vuln-exchange.nse, has been created by Microsoft Senior Threat Intelligence Analyst Kevin Beaumont to identify those Microsoft Exchange servers vulnerable to the recent Exchange vulnerabilities including CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.
# cd /usr/share/nmap/scripts
# wget https://raw.githubusercontent.com/GossiTheDog/scanning/main/http-vuln-exchange.nse
# nmap TARGET_IP -p 443 —script http-vuln-exchange
