Lucene search

K
mskbMicrosoftKB4571334
HistoryJul 14, 2020 - 12:00 a.m.

Description of the security update for Lync Server 2013: July 14, 2020

2020-07-1400:00:00
Microsoft
support.microsoft.com
16

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%

Description of the security update for Lync Server 2013: July 14, 2020

Summary

This security update resolves vulnerabilities when Skype for Business Server incorrectly handles OAuth token validation. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2020-1025.

Note To apply this security update, you must have the release version of Lync Server 2013 installed on the computer.

How to get and install the update

To get this update, install the following updates:

  • July 2020 cumulative update 5.0.8308.1134 for Lync Server 2013, Core Components
  • July 2020 cumulative update 5.0.8308.1134 for Lync Server 2013, Web Components Server

More information

Security update deployment information

For deployment information about this update, see security update deployment information: July 14, 2020.

How to get help and support for this security update

Protect yourself online: Windows Security supportLearn how we guard against cyber threats: Microsoft Security

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.5%