Описание
Microsoft Dynamics 365 Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Dynamics server.
To exploit the vulnerability, an authenticated attacker would need to send a specially crafted request to an affected server, thereby allowing impersonation of another Dynamics CRM user.
The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Server validates and sanitizes user input.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Dynamics 365 (on-premises) version 8 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
EPSS
Связанные уязвимости
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'.
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'.
Уязвимость системы управления взаимоотношениями с клиентами Microsoft Dynamics 365, связанная с недостатками контроля доступа, позволяющая нарушителю повысить свои привилегии
EPSS