Microsoft Dynamics 365 Sales Spoofing Vulnerability: What You Need to Know
CVE-2024-21328
7.6HIGH
Summary
The spoofing vulnerability in Dynamics 365 Sales allows attackers to impersonate legitimate users, potentially gaining unauthorized access to sensitive information and operating within the application as if they were a trusted entity. Exploitation of this vulnerability could lead to manipulation of data or services, creating significant risks for organizations that rely on this CRM platform for customer engagement and sales operations. Vigilance in monitoring and applying security patches is essential to mitigate associated risks.
Affected Version(s)
Microsoft Dynamics 365 (on-premises) version 9.1 Unknown 9.0 < 9.1.25.17
References
CVSS V3.1
Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre DatabaseMicrosoft Feed