CVE-2023-36786

CWE-365 documents5 sources
Severity
7.2HIGH
EPSS
0.7%
top 27.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Skype FOR Business Server 2015 Cu13Microsoft Skype FOR Business Server 2019 CU7Microsoft Skype FOR Business Server
Timeline
PublishedOct 10

Description

Skype for Business Remote Code Execution Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages3 packages

CVEListV5microsoft/skype_for_business_server_2019_cu72046.07.0.246.530
CVEListV5microsoft/skype_for_business_server_2015_cu139319.06.0.9319.869
NVDmicrosoft/skype2015, 2019+1

Patches

Patch: msrc.microsoft.comPatch: msrc.microsoft.com

🔴Vulnerability Details

2
CVEList
Skype for Business Remote Code Execution Vulnerability2023-10-10
GHSA
GHSA-4j2g-cpw5-pjvq: Skype for Business Remote Code Execution Vulnerability2023-10-10

📋Vendor Advisories

1
Microsoft
Skype for Business Remote Code Execution Vulnerability2023-10-10
CVE-2023-36786 (HIGH CVSS 7.2) | Skype for Business Remote Code Exec | cvebase.io