VYPR
Medium severity5.5NVD Advisory· Published Apr 18, 2016· Updated Jun 17, 2026

CVE-2016-2415

CVE-2016-2415

Description

exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, aka internal bug 26488455.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Google/Android7 versions
    cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
    • (no CPE)range: 5.0.x < 5.0.2, 5.1.x < 5.1.1, 6.x < 2016-04-01

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.