KLA51711
Multiple vulnerabilities in Microsoft Dynamics

Обновлено: 29/09/2023

Дата обнаружения	08/08/2023
Уровень угрозы	High
Описание	Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Microsoft Dynamics Business Central can be exploited remotely to gain privileges. A remote code execution vulnerability in Microsoft Dynamics 365 On-Premises can be exploited remotely to execute arbitrary code.
Пораженные продукты	Microsoft Dynamics 365 Business Central 2023 Release Wave 1 Microsoft Dynamics 365 (on-premises) version 9.0 Microsoft Dynamics 365 (on-premises) version 9.1
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2023-38167 CVE-2023-35389
Оказываемое влияние ?	ACE [?] PE [?]
Связанные продукты	Microsoft Dynamics 365
CVE-IDS	CVE-2023-381675.0Warning CVE-2023-353895.0Warning
KB list	5026500 5029765

KLA51711Multiple vulnerabilities in Microsoft Dynamics