Searching
..

Click anywhere to stop

KLA48561
Multiple vulnerabilities in Microsoft Dynamics

Updated: 01/25/2024
Detect date
?
03/14/2023
Severity
?
High
Description

Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Security UI vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
  2. An information disclosure vulnerability in Microsoft Dynamics 365 can be exploited remotely to obtain sensitive information.
Affected products

Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft Dynamics 365 (on-premises) version 9.0

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2023-24920
CVE-2023-24891
CVE-2023-24922
CVE-2023-24919
CVE-2023-24921
CVE-2023-24879

Impacts
?
OSI 
[?]

XSS/CSS 
[?]

SUI 
[?]
Related products
Microsoft Dynamics 365
CVE-IDS
?
KB list

5023506
5023505

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region