Multiple vulnerabilities in Microsoft Dynamics

Description

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
2. A remote code execution vulnerability in Microsoft Dynamics Unified Service Desk can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2023-21807

• CVE-2023-21570
• CVE-2023-21573
• CVE-2023-21572
• CVE-2023-21571
• CVE-2023-21778

Related products

• Microsoft-Dynamics-365

CVE list

• CVE-2023-21807
  high
• CVE-2023-21570
  high
• CVE-2023-21573
  high
• CVE-2023-21572
  high
• CVE-2023-21571
  high
• CVE-2023-21778
  critical

KB list

• 5023506
• 5023505

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com