Описание
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:lync:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.07077
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
msrc
больше 7 лет назад
Skype for Business and Lync Security Feature Bypass Vulnerability
CVSS3: 7.8
github
больше 3 лет назад
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.
EPSS
Процентиль: 91%
0.07077
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo