← voltar
CVE-2020-16943

Dynamics 365 Commerce Elevation of Privilege Vulnerability

CVSS 6.5 MEDIUMEPSS 1.1%
<p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.</p> <p>To exploit the vulnerability, an attacker would need to send a specially crafted request to an affected server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Commerce performs authorization checks.</p>
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Produtos afetados
Microsoft · Dynamics 365 Commerce version 10.0.12Microsoft · Dynamics 365 Commerce version 10.0.13Microsoft · Dynamics 365 Commerce version 10.0.14Microsoft · Dynamics 365 Commerce version 10.0.15Microsoft · Dynamics 365 Commerce version 10.0.16

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16943