CVE-2018-8238

Summary

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.

Affected Software

VendorProductVersion RangeStatus
MicrosoftSkypeBusiness 2016 (32-bit)affected
MicrosoftSkypeBusiness 2016 (64-bit)affected
MicrosoftMicrosoft Lync2013 Service Pack 1 (32-bit)affected
MicrosoftMicrosoft Lync2013 Service Pack 1 (64-bit)affected

Weaknesses

  • Security Feature Bypass

ADP Enrichment

CVE Program Container

Additional References

References