CVE-2018-8238

CVE Database · CVE-2018-8238

CVE-2018-8238

· N/AModified

CVSS v3.1

N/A

EPSS

5.46%

Published

Jul 10, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.

Affected Products (2)

microsoft · lyncvulnerable

microsoft · skype_for_businessvulnerable

References (4)

http://www.securityfocus.com/bid/104619

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238

PatchVendor Advisory

http://www.securityfocus.com/bid/104619

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs