vulnerability

Microsoft Exchange: CVE-2016-3378: Microsoft Exchange Open Redirect Vulnerability

Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
Sep 14, 2016
Added
Aug 10, 2023
Modified
Nov 15, 2023

Description

Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability."

Solution(s)

microsoft-exchange-exchange_server_2016_CU1-kb3184736microsoft-exchange-exchange_server_2016_CU2-kb3184736
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.