Security Feature Bypass Vulnerability in Microsoft Dynamics On-Premise
CVE-2019-1008

5.9MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Dynamics 365 (on-premises); Microsoft Dynamics Crm 2015 (on-premises)
Vendor: CVE Published:; 16 May 2019

Summary

A security feature bypass vulnerability exists in Microsoft Dynamics On-Premise, which allows attackers to circumvent intended security controls. This flaw can potentially enable unauthorized access to system functionalities that should be protected, posing risks to data integrity and confidentiality. Users are advised to apply the necessary patches to mitigate these threats.

Affected Version(s)

Microsoft Dynamics 365 (on-premises) 8.2

Microsoft Dynamics 365 (on-premises) 9.0

Microsoft Dynamics CRM 2015 (on-premises) 7.0

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 16, 2019
Vulnerability Reserved
Nov 26, 2018