Описание
Dynamics 365 Commerce Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.
To exploit the vulnerability, an attacker would need to send a specially crafted request to an affected server.
The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Commerce performs authorization checks.
FAQ
Is the update for Dynamics 365 Commerce that addresses this vulnerability currently available?
The security update for Dynamics 365 Commerce is not immediately available. The update will be released as soon as possible, and when it becomes available, customers will be notified via a revision to this CVE information.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Dynamics 365 Commerce version 10.0.12 | ||
| Dynamics 365 Commerce version 10.0.13 | ||
| Dynamics 365 Commerce version 10.0.14 | ||
| Dynamics 365 Commerce version 10.0.15 | ||
| Dynamics 365 Commerce version 10.0.16 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
<p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.</p> <p>To exploit the vulnerability, an attacker would need to send a specially crafted request to an affected server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Commerce performs authorization checks.</p>
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce, aka 'Dynamics 365 Commerce Elevation of Privilege Vulnerability'.
Уязвимость программного средства для электронной коммерции Microsoft Dynamics 365 Commerce, связанная с ошибками авторизации, позволяющая нарушителю повысить свои привилегии
EPSS
6.5 Medium
CVSS3