Skype For Business Microsoft Skype For Business

Do you want an email whenever new security vulnerabilities are reported in Microsoft Skype For Business?

By the Year

In 2021 there have been 0 vulnerabilities in Microsoft Skype For Business . Last year Skype For Business had 1 security vulnerability published. Right now, Skype For Business is on track to have less security vulnerabilities in 2021 than it did last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 1 9.80
2019 3 5.77
2018 3 7.50

It may take a day or so for new Skype For Business vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Microsoft Skype For Business Security Vulnerabilities

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation

CVE-2020-1025 9.8 - Critical - July 14, 2020

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation, aka 'Microsoft Office Elevation of Privilege Vulnerability'.

Improper Privilege Management

A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request

CVE-2019-1490 5.4 - Medium - December 10, 2019

A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business Server Spoofing Vulnerability'.

Injection

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters

CVE-2019-1084 6.5 - Medium - July 15, 2019

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.

Information Disclosure

A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request

CVE-2019-0624 5.4 - Medium - January 17, 2019

A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.

XSS

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability

CVE-2018-8546 5.9 - Medium - November 14, 2018

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared

CVE-2018-8238 7.8 - High - July 11, 2018

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content

CVE-2018-8311 8.8 - High - July 11, 2018

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.

Improper Input Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Skype For Business or by Microsoft? Click the Watch button to subscribe.

subscribe