CVE-2019-1265
Last modified
CVE-2019-1265 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A security feature bypass vulnerability exists when Microsoft Yammer App for Android fails to apply the correct Intune MAM Policy.This could allow an attacker to perform functions that are restricted by Intune Policy.The security update addresses the vulnerability by correcting the way the policy is applied to Yammer App., aka 'Microsoft Yammer Security Feature Bypass Vulnerability'.. EPSS estimates a 3.14% chance of exploitation in the next 30 days.
Description
A security feature bypass vulnerability exists when Microsoft Yammer App for Android fails to apply the correct Intune MAM Policy.This could allow an attacker to perform functions that are restricted by Intune Policy.The security update addresses the vulnerability by correcting the way the policy is applied to Yammer App., aka 'Microsoft Yammer Security Feature Bypass Vulnerability'.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Yammer | < 5.6.10 |
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1265Patch, Vendor Advisory
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1265Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-1265?
How severe is CVE-2019-1265?
How do I fix CVE-2019-1265?
Are you affected by CVE-2019-1265?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST