CVE-2023-36780

2023-10-1018:15:17

CWE-426

[email protected]

web.nvd.nist.gov

skype for business

remote code execution

vulnerability

cve-2023-36780

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.004

Percentile

74.9%

JSON

Skype for Business Remote Code Execution Vulnerability

Affected configurations

Nvd

Node

microsoftskype_for_business_serverMatch2015cumulative_update_13

microsoftskype_for_business_serverMatch2019cumulative_update_7

VendorProductVersionCPE
microsoftskype_for_business_server2015cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*
microsoftskype_for_business_server2019cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	skype_for_business_server	2015	cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13::::::
microsoft	skype_for_business_server	2019	cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7::::::