Microsoft Dynamics 365 Customer Insights Spoofing Vulnerability
CVE-2024-30047

4.1MEDIUM

Key Information:

Vendor: Microsoft
Status: Dynamics 365
Vendor: CVE Published:; 14 May 2024

Summary

The vulnerability in Dynamics 365 Customer Insights exposes users to potential spoofing attacks, enabling malicious actors to impersonate legitimate users. This can lead to unauthorized access and manipulation of sensitive data, compromising the integrity and confidentiality of customer insights. Organizations utilizing Dynamics 365 Customer Insights must assess their security posture and implement protective measures to mitigate risks associated with this vulnerability.

Affected Version(s)

Dynamics 365 Unknown 10.0.0 < 1.38813.80

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

4.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
May 14, 2024
Vulnerability Reserved
Mar 22, 2024