CVE-2022-26911

4 documents4 sources
Severity
6.5MEDIUM
EPSS
19.9%
top 4.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Microsoft Microsoft Lync Server 2013 Cu10Microsoft Skype FOR Business Server 2015 Cu12Microsoft Skype FOR Business Server 2019 CU6+2 more
Timeline
PublishedApr 15
Latest updateApr 16

Description

Skype for Business Information Disclosure Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages5 packages

CVEListV5microsoft/skype_for_business_server_2019_cu62046.09319.628
CVEListV5microsoft/skype_for_business_server_2015_cu129319.09319.628
NVDmicrosoft/skype2015, 2019+1
CVEListV5microsoft/microsoft_lync_server_2013_cu108308.08308.1194

🔴Vulnerability Details

2
GHSA
GHSA-25r5-69f6-hgcg: Skype for Business Information Disclosure Vulnerability2022-04-16
CVEList
Skype for Business Information Disclosure Vulnerability2022-04-15

📋Vendor Advisories

1
Microsoft
Skype for Business Information Disclosure Vulnerability2022-04-12
CVE-2022-26911 (MEDIUM CVSS 6.5) | Skype for Business Information Disc | cvebase.io