CVE-2017-11786
CVE-2017-11786 affects Microsoft Lync 2013 SP1 and Skype for Business 2016. Root cause: improper handling of authentication requests, enabling an attacker to steal an authentication hash and reuse it elsewhere. Impact: privilege escalation and potential unauthorized actions by the attacker using ...