Dynamics 365 Sales Spoofing Vulnerability
CVE-2024-21396
7.6HIGH
Summary
The vulnerability in Dynamics 365 Sales allows an attacker to spoof legitimate users, potentially leading to unauthorized access and manipulation of sensitive data. This could compromise user authentication processes, resulting in significant security risks often associated with identity verification failures. As organizations increasingly rely on cloud services for critical operations, awareness and prompt mitigation of such vulnerabilities are crucial for safeguarding data integrity and user trust.
Affected Version(s)
Microsoft Dynamics 365 (on-premises) version 9.1 Unknown 9.0 < 9.1.25.17
References
CVSS V3.1
Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre DatabaseMicrosoft Feed