GHSA-774c-xc8q-c8cj

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11, aka 'Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability'.

Ссылки

EPSS

Процентиль: 95%

0.1591

Средний

7.3 High

CVSS3

CVE ID

CVE-2020-1182

Дефекты

CWE-20

Связанные уязвимости

CVE-2020-1182

CVSS3: 7.3

nvd

больше 5 лет назад

A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server. An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server. The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input.

CVE-2020-1182

msrc

больше 5 лет назад

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

BDU:2020-04125

CVSS3: 8

fstec

больше 5 лет назад

Уязвимость сервера программного средства для планирования ресурсов Microsoft Dynamics 365 for Finance and Operations, связанная с ошибками обработки входных данных, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 95%

0.1591

Средний

7.3 High

CVSS3

CVE ID

CVE-2020-1182

Дефекты

CWE-20