Dynamics 365
by Microsoft
CVEs (56)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-21570 | 0.00 | — | 0.01 | Feb 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2022-41127 | 0.00 | — | 0.02 | Dec 13, 2022 | Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability | |||
| CVE-2022-41066 | 0.00 | — | 0.01 | Nov 9, 2022 | Microsoft Business Central Information Disclosure Vulnerability | |||
| CVE-2022-21891 | 0.00 | — | 0.02 | Jan 11, 2022 | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||
| CVE-2021-42316 | 0.00 | — | 0.02 | Nov 10, 2021 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | |||
| CVE-2021-41354 | 0.00 | — | 0.01 | Oct 13, 2021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2021-41353 | 0.00 | — | 0.01 | Oct 13, 2021 | Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||
| CVE-2021-40457 | 0.00 | — | 0.02 | Oct 13, 2021 | Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | |||
| CVE-2021-36950 | 0.00 | — | 0.01 | Aug 12, 2021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2021-36946 | 0.00 | — | 0.01 | Aug 12, 2021 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | |||
| CVE-2021-34524 | 0.00 | — | 0.03 | Aug 12, 2021 | Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | |||
| CVE-2021-28461 | 0.00 | — | 0.01 | May 11, 2021 | Dynamics Finance and Operations Cross-site Scripting Vulnerability | |||
| CVE-2021-1724 | 0.00 | — | 0.01 | Feb 25, 2021 | Microsoft Dynamics Business Central Cross-site Scripting Vulnerability | |||
| CVE-2020-17021 | 0.00 | — | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2020-17018 | 0.00 | — | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2020-17005 | 0.00 | — | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | |||
| CVE-2020-16978 | 0.00 | — | 0.01 | Oct 16, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | |||
| CVE-2020-16956 | 0.00 | — | 0.01 | Oct 16, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | |||
| CVE-2020-16943 | 0.00 | — | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization. To exploit the vulnerability, an attacker would need to send a… | |||
| CVE-2020-16878 | 0.00 | — | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… |
- CVE-2023-21570Feb 14, 2023risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2022-41127Dec 13, 2022risk 0.00cvss —epss 0.02
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
- CVE-2022-41066Nov 9, 2022risk 0.00cvss —epss 0.01
Microsoft Business Central Information Disclosure Vulnerability
- CVE-2022-21891Jan 11, 2022risk 0.00cvss —epss 0.02
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
- CVE-2021-42316Nov 10, 2021risk 0.00cvss —epss 0.02
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
- CVE-2021-41354Oct 13, 2021risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2021-41353Oct 13, 2021risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
- CVE-2021-40457Oct 13, 2021risk 0.00cvss —epss 0.02
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability
- CVE-2021-36950Aug 12, 2021risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2021-36946Aug 12, 2021risk 0.00cvss —epss 0.01
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
- CVE-2021-34524Aug 12, 2021risk 0.00cvss —epss 0.03
Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
- CVE-2021-28461May 11, 2021risk 0.00cvss —epss 0.01
Dynamics Finance and Operations Cross-site Scripting Vulnerability
- CVE-2021-1724Feb 25, 2021risk 0.00cvss —epss 0.01
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
- CVE-2020-17021Nov 11, 2020risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2020-17018Nov 11, 2020risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2020-17005Nov 11, 2020risk 0.00cvss —epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- CVE-2020-16978Oct 16, 2020risk 0.00cvss —epss 0.01
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- CVE-2020-16956Oct 16, 2020risk 0.00cvss —epss 0.01
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- CVE-2020-16943Oct 16, 2020risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization. To exploit the vulnerability, an attacker would need to send a…
- CVE-2020-16878Sep 11, 2020risk 0.00cvss —epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
Page 2 of 3