Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA12452
Multiple vulnerabilities in Microsoft Dynamics

Updated: 05/16/2022
Detect date
?
 02/08/2022
Severity
?
 High
Description

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Dynamics GP can be exploited remotely to gain privileges.
  2. A remote code execution vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely to execute arbitrary code.
  3. A spoofing vulnerability in Microsoft Dynamics GP can be exploited remotely to spoof user interface.
  4. A remote code execution vulnerability in Microsoft Dynamics GP can be exploited remotely to execute arbitrary code.
Affected products

Microsoft Dynamics GP
Microsoft Dynamics 365 (on-premises) version 9.0
Microsoft Dynamics 365 (on-premises) version 8.2
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

CVE-2022-23273
CVE-2022-23272
CVE-2022-21957
CVE-2022-23271
CVE-2022-23269
CVE-2022-23274
Impacts
?
ACE 
[?]

PE 
[?]

SUI 
[?]
Related products
 Microsoft Dynamics 365
CVE-IDS
?
CVE-2022-232739.0Critical
CVE-2022-232729.0Critical
CVE-2022-219576.5High
CVE-2022-232719.0Critical
CVE-2022-232694.3Warning
CVE-2022-232746.5High
Microsoft official advisories
 Microsoft Security Update Guide
KB list

5012731
5012732
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up