What the vulnerability does
01Description
Skype for Business Elevation of Privilege Vulnerability
CVE-2023-41763
MEDIUM
CVE-2023-41763: Skype for Business Elevation of Privilege Vulnerability
CVSS base score
5.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
CISA mandated remediation
02CISA Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Key dates
03Disclosure timeline
October 10, 2023
CVE published
October 21, 2025
Record updated
External resources
04References
NVD — National Vulnerability Database
https://nvd.nist.gov/vuln/detail/CVE-2023-41763
CWE — Common Weakness Enumeration
https://cwe.mitre.org/data/definitions/918.html
CISA KEV Reference
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CV…
CISA KEV Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-41763
Related vulnerabilities
05Related CVE
CVE-2026-28416 Gradio has SSRF via Malicious `proxy_url` Injection in `gr.load()` Config Processing
CVE-2026-3966 648540858 wvp-GB28181-pro IP Address ABLMediaNodeServerService.java getDownloadFilePath server-side request forgery
CVE-2024-12882 SSRF in comfyanonymous/comfyui
CVE-2026-1648 Performance Monitor <= 1.0.6 - Unauthenticated Server-Side Request Forgery via 'url' Parameter
CVE-2025-64327 ThinkDashboard: Blind Server-Side Request Forgery (SSRF) vulnerability in /api/ping Endpoint
