KLA10736
Spoofing vulnerability in Microsoft Exchange Server

Updated: 05/22/2020

Detect date ?	01/12/2016
Severity ?	Warning
Description	Improper web requests handling was found in Microsoft Exchange Server at Outlook Web Access. By exploiting this vulnerability malicious users can spoof user interface. This vulnerability can be exploited remotely via a specially designed email with malicious link.
Affected products	Microsoft Exchange Server 2016 Microsoft Exchange Server 2013 Service Pack 1 Microsoft Exchange Server 2013 Cumulative Update 10 Microsoft Exchange Server 2013 Cumulative Update 11
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2016-0032 CVE-2016-0031 CVE-2016-0030 CVE-2016-0029
Impacts ?	SUI [?]
Related products	Microsoft Exchange Server
CVE-IDS ?	CVE-2016-00320.0Unknown CVE-2016-00310.0Unknown CVE-2016-00300.0Unknown CVE-2016-00290.0Unknown
Microsoft official advisories	Microsoft Security Update Guide
	Find out the statistics of the vulnerabilities spreading in your region

KLA10736Spoofing vulnerability in Microsoft Exchange Server