CVE-2018-8546

4 documents4 sources
Severity
5.9MEDIUM
EPSS
17.7%
top 4.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Microsoft Microsoft LyncMicrosoft Microsoft OfficeMicrosoft Office+5 more
Timeline
PublishedNov 14
Latest updateMay 13

Description

A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Lync, Skype.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages8 packages

CVEListV5microsoft/skype4 versions+3
NVDmicrosoft/skype2016
CVEListV5microsoft/office365 ProPlus for 32-bit Systems, 365 ProPlus for 64-bit Systems+1
CVEListV5microsoft/microsoft_office2019 for 32-bit editions, 2019 for 64-bit editions+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-jwxg-487g-c8pg: A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability2022-05-13
CVEList
CVE-2018-8546: A denial of service vulnerability exists in Skype for Business, aka "Microsoft Skype for Business Denial of Service Vulnerability2018-11-14

📋Vendor Advisories

1
Microsoft
Microsoft Skype for Business Denial of Service Vulnerability2018-11-13
CVE-2018-8546 (MEDIUM CVSS 5.9) | A denial of service vulnerability e | cvebase.io