Skip to main content

Skype For Business Server

14 CVEs product

Monthly

CVE-2024-20695 MEDIUM PATCH This Month

Skype for Business Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Authentication Bypass Information Disclosure Skype For Business Server
NVD
CVSS 3.1
5.7
EPSS
0.6%
CVE-2023-41763 MEDIUM POC KEV PATCH THREAT This Month

Skype for Business Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Skype For Business Server
NVD
CVSS 3.1
5.3
EPSS
90.4%
CVE-2023-36789 HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Skype For Business Server
NVD
CVSS 3.1
7.2
EPSS
2.4%
CVE-2023-36786 HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Skype For Business Server
NVD
CVSS 3.1
7.2
EPSS
2.5%
CVE-2023-36780 HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Skype For Business Server
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2022-26911 MEDIUM This Month

Skype for Business Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Lync Server Skype For Business Server
NVD
CVSS 3.1
6.5
EPSS
3.3%
CVE-2022-26910 MEDIUM This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Skype For Business Server
NVD
CVSS 3.1
5.3
EPSS
2.3%
CVE-2021-26422 HIGH PATCH This Week

Skype for Business and Lync Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Lync Server Skype For Business Server
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2021-26421 MEDIUM PATCH This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Information Disclosure Lync Server Skype For Business Server
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-24099 MEDIUM PATCH This Month

Skype for Business and Lync Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Lync Server Skype For Business Server
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2021-24073 MEDIUM PATCH This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Information Disclosure Lync Server Skype For Business Server
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2019-0798 MEDIUM PATCH This Month

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Lync Server Skype For Business Server
NVD
CVSS 3.0
6.1
EPSS
2.1%
CVE-2015-2536 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skype. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Lync Server Skype For Business Server
NVD
CVSS 2.0
4.3
EPSS
9.0%
CVE-2015-2531 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.2% and no vendor patch available.

XSS Information Disclosure Microsoft Lync Server Skype For Business Server
NVD
CVSS 2.0
4.3
EPSS
13.2%
EPSS 1% CVSS 5.7
MEDIUM PATCH This Month

Skype for Business Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Authentication Bypass Information Disclosure Skype For Business Server
NVD
EPSS 90% CVSS 5.3
MEDIUM POC KEV PATCH THREAT This Month

Skype for Business Elevation of Privilege Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Skype For Business Server
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Skype For Business Server
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Skype For Business Server
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

Skype for Business Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Skype For Business Server
NVD
EPSS 3% CVSS 6.5
MEDIUM This Month

Skype for Business Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Lync Server Skype For Business Server
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Skype For Business Server
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

Skype for Business and Lync Remote Code Execution Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Lync Server Skype For Business Server
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Information Disclosure Lync Server Skype For Business Server
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Skype for Business and Lync Denial of Service Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Lync Server Skype For Business Server
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Skype for Business and Lync Spoofing Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable.

Information Disclosure Lync Server Skype For Business Server
NVD
EPSS 2% CVSS 6.1
MEDIUM PATCH This Month

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Lync Server Skype For Business Server
NVD
EPSS 9% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skype. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Lync Server +1
NVD
EPSS 13% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.2% and no vendor patch available.

XSS Information Disclosure Microsoft +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy