Microsoft Skype For Business Server 2019 Cu2 vulnerabilities
3 known vulnerabilities affecting microsoft/skype_for_business_server_2019_cu2.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-24099MEDIUMCVSS 6.5≥ 7.0.0, < publication2021-02-25
CVE-2021-24099 [MEDIUM] CVE-2021-24099: Skype for Business and Lync Denial of Service Vulnerability
Skype for Business and Lync Denial of Service Vulnerability
cvelistv5nvd
CVE-2020-1025CRITICALCVSS 9.8≥ 7.0.0, < publication2020-07-14
CVE-2020-1025 [CRITICAL] CWE-20 CVE-2020-1025: An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Busine
An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vulnerability could bypass authentication and achieve improper access.
To exploit this vulnerability, an attacker would need to modify the token.
The update
cvelistv5nvd
CVE-2019-1490MEDIUMCVSS 5.4vunspecified2019-12-10
CVE-2019-1490 [MEDIUM] CWE-74 CVE-2019-1490: A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specia
A spoofing vulnerability exists when a Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business Server Spoofing Vulnerability'.
cvelistv5nvd