VYPR
High severity7.4NVD Advisory· Published Sep 14, 2016· Updated Jun 17, 2026

CVE-2016-3378

CVE-2016-3378

Description

Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_12:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_12:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_13:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2013:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_2:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.