← Back

CVE-2023-41763

nvd nistnuclei
Published: Oct 10, 2023Modified: Oct 28, 2025CISA KEV

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: secure@microsoft.com (Secondary)

Description

Skype for Business Elevation of Privilege Vulnerability

Affected (2)

Microsoft
1 product
Skype For Business Server
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Skype For Business Server
Version 2015 cumulative_update_13
Skype For Business Server
Version 2019 cumulative_update_7

Related CWEs

CWE-918
Server-Side Request Forgery (SSRF)
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

References (3)

Source: secure@microsoft.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.