Microsoft Lync Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Lync Server.
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Lync Server. Lync Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 6.85 |
| 2021 | 4 | 6.68 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 6.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Lync Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Lync Server Security Vulnerabilities
Skype for Business and Lync Remote Code Execution Vulnerability
CVE-2022-33633
7.2 - High
- July 12, 2022
Skype for Business and Lync Remote Code Execution Vulnerability
Skype for Business Information Disclosure Vulnerability
CVE-2022-26911
6.5 - Medium
- April 15, 2022
Skype for Business Information Disclosure Vulnerability
Skype for Business and Lync Remote Code Execution Vulnerability
CVE-2021-26422
7.2 - High
- May 11, 2021
Skype for Business and Lync Remote Code Execution Vulnerability
Skype for Business and Lync Spoofing Vulnerability
CVE-2021-26421
6.5 - Medium
- May 11, 2021
Skype for Business and Lync Spoofing Vulnerability
Skype for Business and Lync Spoofing Vulnerability
CVE-2021-24073
6.5 - Medium
- February 25, 2021
Skype for Business and Lync Spoofing Vulnerability
Skype for Business and Lync Denial of Service Vulnerability
CVE-2021-24099
6.5 - Medium
- February 25, 2021
Skype for Business and Lync Denial of Service Vulnerability
A denial of service vulnerability exists in Skype for Business
CVE-2019-1029
5.9 - Medium
- June 12, 2019
A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To exploit the vulnerability, an attacker needs to obtain a dial-in link for a vulnerable server and then initiates a series of calls within a short amount of time. The update addresses the vulnerability by correcting the way that Skype for Business server handles objects in memory.
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request
CVE-2019-0798
6.1 - Medium
- April 09, 2019
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Skype For Business Server or by Microsoft? Click the Watch button to subscribe.
