Description
Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.
Below is a complete list of vulnerabilities:
- A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (On-Premise) can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely via specially crafted request to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Dynamics 365 for Finance and Operations (on-premises) can be exploited remotely via specially crafted file to execute arbitrary code.
Fiches de renseignement originales
- CVE-2020-16860
- CVE-2020-16862
- CVE-2020-16864
- CVE-2020-16878
- CVE-2020-16861
- CVE-2020-16871
- CVE-2020-16858
- CVE-2020-16859
- CVE-2020-16857
Produits associés
Liste CVE
- CVE-2020-16872 critical
- CVE-2020-16860 critical
- CVE-2020-16862 critical
- CVE-2020-16864 high
- CVE-2020-16878 high
- CVE-2020-16861 high
- CVE-2020-16871 high
- CVE-2020-16858 high
- CVE-2020-16859 high
- CVE-2020-16857 critical
Liste KB
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !