Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA20227
Multiple vulnerabilities in Microsoft Dynamics

Обновлено: 16/02/2023
Дата обнаружения
 14/02/2023
Уровень угрозы
 High
Описание

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
  2. A remote code execution vulnerability in Microsoft Dynamics Unified Service Desk can be exploited remotely to execute arbitrary code.
Пораженные продукты

Microsoft Dynamics 365 (on-premises) version 9.0
Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft Dynamics 365 Unified Service Desk
Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения
 CVE-2023-21807
CVE-2023-21570
CVE-2023-21573
CVE-2023-21572
CVE-2023-21571
CVE-2023-21778
Оказываемое влияние
?
ACE 
[?]

XSS/CSS 
[?]

SUI 
[?]
Связанные продукты
 Microsoft Dynamics 365
CVE-IDS
CVE-2023-218075.0Critical
CVE-2023-215705.0Critical
CVE-2023-215735.0Critical
CVE-2023-215725.0Critical
CVE-2023-215715.0Critical
CVE-2023-217785.0Critical
KB list

5023506
5023505
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up