CVE-2019-0622

CWE-287 — Improper Authentication10 documents5 sources
Severity
4.6MEDIUM
EPSS
0.5%
top 34.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Skype
Timeline
PublishedJan 8
Latest updateMay 13

Description

An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

â–¶CVEListV5microsoft/skype8.35 when installed on Android Devices
â–¶NVDmicrosoft/skype8.35

🔴Vulnerability Details

2
GHSA
GHSA-65j8-j9v8-cm3q: An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Androi↗2022-05-13
â–¶
CVEList
CVE-2019-0622: An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Androi↗2019-01-08
â–¶

📋Vendor Advisories

1
Microsoft
Skype for Android Elevation of Privilege Vulnerability↗2019-01-08
â–¶

💬Community

6
Bugzilla
CVE-2019-9791 Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey↗2019-03-20
â–¶
Bugzilla
CVE-2019-9790 Mozilla: Use-after-free when removing in-use DOM elements↗2019-03-20
â–¶
Bugzilla
CVE-2019-9788 Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6↗2019-03-20
â–¶
Bugzilla
CVE-2019-9792 Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script↗2019-03-20
â–¶
Bugzilla
CVE-2019-9796 Mozilla: Use-after-free with SMIL animation controller↗2019-03-20
â–¶
CVE-2019-0622 (MEDIUM CVSS 4.6) | An elevation of privilege vulnerabi | cvebase.io