KLA12420
Multiple vulnerabilities in Microsoft Dynamics

Обновлено: 12/01/2022

Дата обнаружения	11/01/2022
Уровень угрозы	Warning
Описание	Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, perform cross-site scripting attack. Below is a complete list of vulnerabilities: A spoofing vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface. Cross-site scripting (XSS) vulnerability in Microsoft Dynamics 365 Customer Engagement can be exploited remotely to perform cross-site scripting attack.
Пораженные продукты	Microsoft Dynamics 365 Customer Engagement V9.0 Dynamics 365 Sales
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2022-21891 CVE-2022-21932
Оказываемое влияние ?	XSS/CSS [?] SUI [?]
Связанные продукты	Microsoft Dynamics 365
CVE-IDS	CVE-2022-218915.0Critical CVE-2022-219325.0Critical
KB list	5010574
	Узнай статистику распространения уязвимостей в твоем регионе

KLA12420Multiple vulnerabilities in Microsoft Dynamics