Количество 3
Количество 3
CVE-2019-1229
An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation. To exploit this vulnerability, an attacker needs to have credentials for a user that has permission to author customized business rules in Dynamics, and persist XAML script in a way that causes it to be interpreted as code. The update addresses the vulnerability by restricting XAML activities to a whitelisted set.
CVE-2019-1229
Dynamics On-Premise Elevation of Privilege Vulnerability
GHSA-g2cr-4r55-7gww
An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-1229 An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation. To exploit this vulnerability, an attacker needs to have credentials for a user that has permission to author customized business rules in Dynamics, and persist XAML script in a way that causes it to be interpreted as code. The update addresses the vulnerability by restricting XAML activities to a whitelisted set. | CVSS3: 8.8 | 10% Низкий | около 6 лет назад |
 | CVE-2019-1229 Dynamics On-Premise Elevation of Privilege Vulnerability | 10% Низкий | около 6 лет назад | |
| GHSA-g2cr-4r55-7gww An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'. | CVSS3: 8.8 | 10% Низкий | больше 3 лет назад |
Уязвимостей на страницу