Exchange Server Security Vulnerabilities and Issues — Exchange Server CVE List

Lucene search

MicrosoftExchange Server

3 matches found

CVE•added 2016/09/14 10:59 a.m.•83 views

CVE-2016-0138

Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging t...

4.3CVSS4.9AI score0.15244EPSS

CVE•added 2016/09/14 10:59 a.m.•74 views

CVE-2016-3378

Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Micro...

7.4CVSS7AI score0.02934EPSS

CVE•added 2016/09/14 10:59 a.m.•57 views

CVE-2016-3379

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2016 Cumulative Update 1 and 2 allows remote attackers to inject arbitrary web script or HTML via a meeting-invitation request, aka "Microsoft Exchange Elevation of Privilege Vulnerability."

6.1CVSS6.2AI score0.0716EPSS