Information Disclosure Vulnerability in Lync 2013 by Microsoft
CVE-2019-1209

6.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Lync Server
Vendor: CVE Published:; 11 September 2019

Summary

An information disclosure vulnerability in Lync 2013 has been identified, which may allow an attacker to gain unauthorized access to sensitive information. This vulnerability potentially exposes user data and communication metadata, making it a target for cybercriminals. Organizations utilizing Microsoft Lync 2013 should implement necessary security measures to mitigate the risks associated with this vulnerability and protect their data integrity.

Affected Version(s)

Microsoft Lync Server 2013

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2019
Vulnerability Reserved
Nov 26, 2018