Searching
..

Click anywhere to stop

KLA48561
Multiple vulnerabilities in Microsoft Dynamics

Обновлено: 25/01/2024
Дата обнаружения
14/03/2023
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Security UI vulnerability in Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
  2. An information disclosure vulnerability in Microsoft Dynamics 365 can be exploited remotely to obtain sensitive information.
Пораженные продукты

Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft Dynamics 365 (on-premises) version 9.0

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2023-24920
CVE-2023-24891
CVE-2023-24922
CVE-2023-24919
CVE-2023-24921
CVE-2023-24879
Оказываемое влияние
?
OSI 
[?]

XSS/CSS 
[?]

SUI 
[?]
Связанные продукты
Microsoft Dynamics 365
CVE-IDS
KB list

5023506
5023505