Vulnerability in Microsoft Lync
CVE-2018-8238
A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft…
EPSS: 0.162 (94.9th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Lync — versions 2013 Service Pack 1 (32-bit), 2013 Service Pack 1 (64-bit)
- Microsoft Skype — versions Business 2016 (32-bit), Business 2016 (64-bit)
References
- 104619 (vdb-entry, x_refsource_BID)
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238 (x_refsource_CONFIRM)