説明
Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.
Below is a complete list of vulnerabilities:
- A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (On-Premise) can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely via specially crafted request to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Dynamics 365 for Finance and Operations (on-premises) can be exploited remotely via specially crafted file to execute arbitrary code.
オリジナルアドバイザリー
- CVE-2020-16860
- CVE-2020-16862
- CVE-2020-16864
- CVE-2020-16878
- CVE-2020-16861
- CVE-2020-16871
- CVE-2020-16858
- CVE-2020-16859
- CVE-2020-16857
関連製品
CVEリスト
- CVE-2020-16872 critical
- CVE-2020-16860 critical
- CVE-2020-16862 critical
- CVE-2020-16864 high
- CVE-2020-16878 high
- CVE-2020-16861 high
- CVE-2020-16871 high
- CVE-2020-16858 high
- CVE-2020-16859 high
- CVE-2020-16857 critical
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!