CVE-2018-8238

A security feature bypass vulnerability exists when Skype for Business or Lync do not properly parse UNC path links shared via messages, aka "Skype for Business and Lync Security Feature Bypass Vulnerability." This affects Skype, Microsoft Lync.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
References
http://www.securityfocus.com/bid/104619
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238
http://www.securityfocus.com/bid/104619
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8238