vulnerability
Microsoft Exchange: CVE-2016-3378: Microsoft Exchange Open Redirect Vulnerability
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Sep 14, 2016 | Aug 10, 2023 | Nov 15, 2023 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Sep 14, 2016
Added
Aug 10, 2023
Modified
Nov 15, 2023
Description
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability."
Solution(s)
microsoft-exchange-exchange_server_2016_CU1-kb3184736microsoft-exchange-exchange_server_2016_CU2-kb3184736

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.