cnvd - cnvd-2016-07582

CNVD-2016-07582

Vulnerability from cnvd - Published: 2016-09-18

Title

Microsoft Exchange Server开放重定向漏洞

Description

Microsoft Exchange Server是美国微软（Microsoft）公司的一套电子邮件服务程序，它提供邮件存取、储存、转发，语音邮件，邮件过滤筛选等功能。 Microsoft Exchange Server中存在开放重定向漏洞。攻击者可能通过发送特制的URL的链接利用该漏洞诱使用户点击该链接，重定向用户的浏览器会话到恶意网站，欺骗用户并获取敏感信息。

Severity

中

Patch Name

Microsoft Exchange Server开放重定向漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://technet.microsoft.com/en-us/security/bulletin/MS16-108

Reference

http://www.securityfocus.com/bid/92833

Impacted products

Name
['Microsoft Exchange Server 2013 SP1，Update 8', 'Microsoft Exchange Server 2013 Cumulative Update 12', 'Microsoft Exchange Server 2013 Cumulative Update 13', 'Microsoft Exchange Server 2016 Cumulative Update 1', 'Microsoft Exchange Server 2016 Cumulative Update 2']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92833"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3378"
    }
  },
  "description": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\uff0c\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Exchange Server\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u80fd\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684URL\u7684\u94fe\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u8bf1\u4f7f\u7528\u6237\u70b9\u51fb\u8be5\u94fe\u63a5\uff0c\u91cd\u5b9a\u5411\u7528\u6237\u7684\u6d4f\u89c8\u5668\u4f1a\u8bdd\u5230\u6076\u610f\u7f51\u7ad9\uff0c\u6b3a\u9a97\u7528\u6237\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "John Page of ApparitionSec.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://technet.microsoft.com/en-us/security/bulletin/MS16-108",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-07582",
  "openTime": "2016-09-18",
  "patchDescription": "Microsoft Exchange Server\u662f\u7f8e\u56fd\u5fae\u8f6f\uff08Microsoft\uff09\u516c\u53f8\u7684\u4e00\u5957\u7535\u5b50\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\uff0c\u5b83\u63d0\u4f9b\u90ae\u4ef6\u5b58\u53d6\u3001\u50a8\u5b58\u3001\u8f6c\u53d1\uff0c\u8bed\u97f3\u90ae\u4ef6\uff0c\u90ae\u4ef6\u8fc7\u6ee4\u7b5b\u9009\u7b49\u529f\u80fd\u3002\r\n\r\nMicrosoft Exchange Server\u4e2d\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u80fd\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684URL\u7684\u94fe\u63a5\u5229\u7528\u8be5\u6f0f\u6d1e\u8bf1\u4f7f\u7528\u6237\u70b9\u51fb\u8be5\u94fe\u63a5\uff0c\u91cd\u5b9a\u5411\u7528\u6237\u7684\u6d4f\u89c8\u5668\u4f1a\u8bdd\u5230\u6076\u610f\u7f51\u7ad9\uff0c\u6b3a\u9a97\u7528\u6237\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Exchange Server\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Exchange Server 2013 SP1\uff0cUpdate 8",
      "Microsoft Exchange Server 2013 Cumulative Update 12",
      "Microsoft Exchange Server 2013 Cumulative Update 13",
      "Microsoft Exchange Server 2016 Cumulative Update 1",
      "Microsoft Exchange Server 2016 Cumulative Update 2"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/92833",
  "serverity": "\u4e2d",
  "submitTime": "2016-09-14",
  "title": "Microsoft Exchange Server\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

CVE-2016-3378 (GCVE-0-2016-3378)

Vulnerability from cvelistv5 – Published: 2016-09-14 10:00 – Updated: 2024-08-05 23:56

Summary

Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securitytracker.com/id/1036778	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/92833	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:56:13.410Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS16-108",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108"
          },
          {
            "name": "1036778",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036778"
          },
          {
            "name": "92833",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92833"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-09-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka \"Microsoft Exchange Open Redirect Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS16-108",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108"
        },
        {
          "name": "1036778",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036778"
        },
        {
          "name": "92833",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92833"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2016-3378",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka \"Microsoft Exchange Open Redirect Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS16-108",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108"
            },
            {
              "name": "1036778",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036778"
            },
            {
              "name": "92833",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92833"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2016-3378",
    "datePublished": "2016-09-14T10:00:00",
    "dateReserved": "2016-03-15T00:00:00",
    "dateUpdated": "2024-08-05T23:56:13.410Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-07582

CVE-2016-3378 (GCVE-0-2016-3378)

Tags

Sightings

Nomenclature