Multiple vulnerabilities in Microsoft Dynamics

Описание

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Microsoft Common Data Model SDK can be exploited remotely to cause denial of service.
2. A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
3. An information disclosure vulnerability in Microsoft Dynamics 365 (On-Premises) can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2023-36566
  CVE-2023-36416
  CVE-2023-36433
  CVE-2023-36429
  

Связанные продукты

• Microsoft-Dynamics-365

Список CVE

• CVE-2023-36566
  high
• CVE-2023-36416
  high
• CVE-2023-36433
  high
• CVE-2023-36429
  high

Список KB

• 5026501
• 5026500
• 5029396
• 5030608
• 5031500
• 5031499

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com