CVE-2020-1432

CVE Database · CVE-2020-1432

CVE-2020-1432

· MEDIUMModified

CVSS v3.1

4.3

EPSS

4.45%

Published

Jul 14, 2020

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Affected Products (20)

microsoft · internet_explorervulnerable

microsoft · windows_10

microsoft · windows_7

microsoft · windows_8.1

microsoft · windows_rt_8.1

microsoft · windows_server_2008

References (2)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1432

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1432

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs