{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/sugodata/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000ecdf90d7","releaseDate":"2021-07-13T07:00:00Z","cveNumber":"CVE-2021-33766","cveTitle":"Microsoft Exchange Server Information Disclosure Vulnerability","releaseNumber":"2021-Jul","vulnType":"Security Vulnerability","latestRevisionDate":"2021-07-13T07:00:00Z","cweList":[],"cweDetailsListForSearch":[],"mitreText":"CVE-2021-33766","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-33766","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Microsoft Exchange Server","issuingCna":"Microsoft","issuingCnaId":0,"severityId":100000001,"severity":"Important","impactId":100000003,"impact":"Information Disclosure","langCode":"en-US","baseScore":"7.3","temporalScore":"6.4","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C","isMariner":false,"customerActionRequired":true,"customerActionRequiredId":0,"cweDetailsList":[],"articles":[{"articleType":"FAQ","description":"<p><strong>What type of information could be disclosed by this vulnerability?</strong></p>\n<p>The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Personally Identifiable Information (PII).</p>\n","ordinal":200}],"revisions":[{"cveNumber":"CVE-2021-33766","version":1,"revisionDate":"2021-07-13T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"<p>Information published. This CVE was addressed by updates that were released in April 2021, but the CVE was inadvertently omitted from the April 2021 Security Updates. This is an informational change only. Customers who have already installed the April 2021 update do not need to take any further action.</p>\n","unformattedDescription":"Information published. This CVE was addressed by updates that were released in April 2021, but the CVE was inadvertently omitted from the April 2021 Security Updates. This is an informational change only. Customers who have already installed the April 2021 update do not need to take any further action.","notificationNeeded":false,"notificationSent":false,"sourceId":"8697ea1b-a9c8-eb11-a838-000d3a6d35d9"}]}