The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Lync

vulnerability bulletin CVE-2019-1084

Microsoft Lync: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Microsoft Lync, in order to obtain sensitive information.
Impacted products: Lync.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 10/07/2019.
Identifiers: CERTFR-2019-AVI-322, CVE-2019-1084, VIGILANCE-VUL-29723.

Description of the vulnerability

An attacker can bypass access restrictions to data of Microsoft Lync, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-1029

Microsoft Lync Server: denial of service

Synthesis of the vulnerability

An attacker can trigger a fatal error of Microsoft Lync Server, in order to trigger a denial of service.
Impacted products: Lync.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: document.
Creation date: 12/06/2019.
Identifiers: CERTFR-2019-AVI-265, CVE-2019-1029, VIGILANCE-VUL-29507.

Description of the vulnerability

An attacker can trigger a fatal error of Microsoft Lync Server, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-0798

Microsoft Lync Server 2013: information disclosure via Spoofing

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Spoofing of Microsoft Lync Server 2013, in order to obtain sensitive information.
Impacted products: Lync.
Severity: 2/4.
Consequences: data reading.
Provenance: intranet client.
Creation date: 13/03/2019.
Identifiers: CERTFR-2019-AVI-106, CVE-2019-0798, VIGILANCE-VUL-28727.

Description of the vulnerability

An attacker can bypass access restrictions to data via Spoofing of Microsoft Lync Server 2013, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-8546

Microsoft Lync: denial of service

Synthesis of the vulnerability

An attacker can generate a fatal error of Microsoft Lync, in order to trigger a denial of service.
Impacted products: Lync.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 14/11/2018.
Identifiers: CERTFR-2018-AVI-554, CVE-2018-8546, VIGILANCE-VUL-27772.

Description of the vulnerability

An attacker can generate a fatal error of Microsoft Lync, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2018-8474

Microsoft Lync for Mac 2011: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of Microsoft Lync for Mac 2011, in order to escalate his privileges.
Impacted products: Lync.
Severity: 2/4.
Consequences: user access/rights, data reading.
Provenance: user account.
Creation date: 12/09/2018.
Identifiers: CERTFR-2018-AVI-438, CVE-2018-8474, VIGILANCE-VUL-27215.

Description of the vulnerability

An attacker can bypass restrictions of Microsoft Lync for Mac 2011, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-8238 CVE-2018-8311

Microsoft Lync/Skype: vulnerabilities of July 2018

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Lync, Skype for Business.
Severity: 3/4.
Consequences: user access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 11/07/2018.
Identifiers: CERTFR-2018-AVI-338, CVE-2018-8238, CVE-2018-8311, VIGILANCE-VUL-26680.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11786

Microsoft Lync 2013, Skype: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of Microsoft Lync 2013 or Skype, in order to escalate his privileges.
Impacted products: Lync, Skype for Business.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: document.
Creation date: 11/10/2017.
Identifiers: CERTFR-2017-AVI-346, CVE-2017-11786, VIGILANCE-VUL-24090.

Description of the vulnerability

An attacker can bypass restrictions of Microsoft Lync 2013 or Skype, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-8676 CVE-2017-8695 CVE-2017-8696

Microsoft Lync/Skype: vulnerabilities of September 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Lync, Skype for Business.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 13/09/2017.
Identifiers: CERTFR-2017-AVI-297, CVE-2017-8676, CVE-2017-8695, CVE-2017-8696, VIGILANCE-VUL-23825.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-0283 CVE-2017-8527

Microsoft Lync: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Lync.
Impacted products: Lync.
Severity: 4/4.
Consequences: privileged access/rights, denial of service on server, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 14/06/2017.
Identifiers: CERTFR-2017-AVI-176, CVE-2017-0283, CVE-2017-8527, VIGILANCE-VUL-22966.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft Lync.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-0060 CVE-2017-0073 CVE-2017-0108

Microsoft Lync: vulnerabilities of March 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Lync.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 14/03/2017.
Identifiers: 4013241, CVE-2017-0060, CVE-2017-0073, CVE-2017-0108, CVE-2017-0129, MS17-014, VIGILANCE-VUL-22128.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Lync: