CVE-2024-21410
Microsoft Exchange Server Elevation of Privilege VulnerabilityMicrosoft Exchange Server Elevation of Privilege Vulnerability
We have discovered 3,177 live websites that are affected by CVE-2024-21410.
Affected Software
| Product |  Microsoft Exchange Server |
| Category | Web Mail |
| Vulnerable Domains | 3,177 live websites (35% of Microsoft Exchange Server install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 22 versions ( 22% of all versions) |
Common Weakness Enumeration
CWE-287 Improper AuthenticationDetails
- Published - Feb 13, 2024
- Updated - Oct 21, 2025
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2024-21410 United States | 812 websites |
 Germany | 252 websites |
 Russia | 152 websites |
 GB | 128 websites |
 Canada | 106 websites |
 France | 100 websites |
 Italy | 100 websites |
 Czech Republic | 94 websites |
 Austria | 77 websites |
 Taiwan | 72 websites |
Website Distribution by TLD
Number of websites using CVE-2024-21410| .com | 870 websites |
| .org | 271 websites |
| .de | 206 websites |
| .ru | 127 websites |
| .net | 108 websites |
| .cz | 88 websites |
| .fr | 76 websites |
| .it | 68 websites |
| .edu | 59 websites |
| .nl | 54 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-21410
Top websites that are affected by CVE-2024-21410. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| **.de | Germany | **,*** | |
| ***.***.tw | Taiwan | **,*** | |
| ***.***.cn |  China | ***,*** | |
| *******.***.tw | Taiwan | ***,*** | |
| ********.ru | Russia | ***,*** | |
| ****.***.***.vn |  Vietnam | ***,*** | |
| *******.ru | Russia | ***,*** | |
| ****.***.tw | Taiwan | ***,*** | |
| **********.pt |  Portugal | ***,*** | |
| ***********.to |  Tonga | ***,*** |
FAQ
CVE-2024-21410 is Improper Authentication in Microsoft Exchange Server
A total of 3,177 websites have been identified as vulnerable to CVE-2024-21410, based on global website indexing conducted by WebTechSurvey.
The Microsoft Exchange Server is affected by the CVE-2024-21410 vulnerability.
Microsoft Exchange Server versions up to 15.1.2507.37 are vulnerable to CVE-2024-21410.
CVE-2024-21410 is resolved in version 15.1.2507.37 of Microsoft Exchange Server.