CVE-2021-24073

4 documents4 sources
Severity
7.1HIGH
EPSS
0.5%
top 32.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Microsoft Microsoft Lync Server 2013Microsoft Skype FOR Business Server 2015 CU 8Microsoft Lync Server+1 more
Timeline
PublishedFeb 25
Latest updateMay 24

Description

Skype for Business and Lync Spoofing Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:NExploitability: 1.3 | Impact: 4.7

Affected Packages4 packages

CVEListV5microsoft/skype_for_business_server_2015_cu_82015 CU 8publication
CVEListV5microsoft/microsoft_lync_server_2013< publication
NVDmicrosoft/skype2015

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-6w2g-frp4-gwrv: Skype for Business and Lync Spoofing Vulnerability2022-05-24
CVEList
Skype for Business and Lync Spoofing Vulnerability2021-02-25

📋Vendor Advisories

1
Microsoft
Skype for Business and Lync Spoofing Vulnerability2021-02-09