CVE-2018-8238
4 documents4 sources
Severity
7.8HIGH
EPSS
7.7%
top 8.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 11
Latest updateMay 13
Description
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages4 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-v74r-x7x3-53vj: A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype fo↗2022-05-13
CVEList▶
CVE-2018-8238: A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype fo↗2018-07-11