Lync Server Microsoft Lync Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Lync Server.

By the Year

In 2025 there have been 0 vulnerabilities in Microsoft Lync Server. Lync Server did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 0 0.00
2022 2 6.85
2021 4 6.68
2020 0 0.00
2019 2 6.00
2018 0 0.00

It may take a day or so for new Lync Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Lync Server Security Vulnerabilities

Skype for Business and Lync Remote Code Execution Vulnerability

CVE-2022-33633 7.2 - High - July 12, 2022

Skype for Business and Lync Remote Code Execution Vulnerability

Skype for Business Information Disclosure Vulnerability

CVE-2022-26911 6.5 - Medium - April 15, 2022

Skype for Business Information Disclosure Vulnerability

Skype for Business and Lync Remote Code Execution Vulnerability

CVE-2021-26422 7.2 - High - May 11, 2021

Skype for Business and Lync Remote Code Execution Vulnerability

Skype for Business and Lync Spoofing Vulnerability

CVE-2021-26421 6.5 - Medium - May 11, 2021

Skype for Business and Lync Spoofing Vulnerability

Skype for Business and Lync Spoofing Vulnerability

CVE-2021-24073 6.5 - Medium - February 25, 2021

Skype for Business and Lync Spoofing Vulnerability

Skype for Business and Lync Denial of Service Vulnerability

CVE-2021-24099 6.5 - Medium - February 25, 2021

Skype for Business and Lync Denial of Service Vulnerability

A denial of service vulnerability exists in Skype for Business

CVE-2019-1029 5.9 - Medium - June 12, 2019

A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To exploit the vulnerability, an attacker needs to obtain a dial-in link for a vulnerable server and then initiates a series of calls within a short amount of time. The update addresses the vulnerability by correcting the way that Skype for Business server handles objects in memory.

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request

CVE-2019-0798 6.1 - Medium - April 09, 2019

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Skype For Business Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe