Searching
..

Click anywhere to stop

KLA51711
Multiple vulnerabilities in Microsoft Dynamics

Обновлено: 25/01/2024
Дата обнаружения
08/08/2023
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Dynamics Business Central can be exploited remotely to gain privileges.
  2. A remote code execution vulnerability in Microsoft Dynamics 365 On-Premises can be exploited remotely to execute arbitrary code.
Пораженные продукты

Microsoft Dynamics 365 Business Central 2023 Release Wave 1
Microsoft Dynamics 365 (on-premises) version 9.0
Microsoft Dynamics 365 (on-premises) version 9.1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2023-38167
CVE-2023-35389
Оказываемое влияние
?
ACE 
[?]

PE 
[?]
Связанные продукты
Microsoft Dynamics 365
CVE-IDS
KB list

5026500
5029765