Spoofing Vulnerability in Microsoft Dynamics 365 Sales
CVE-2024-49053

7.6HIGH

Key Information:

Vendor
Microsoft
Status
Dynamics 365 Sales For Android
Dynamics 365 Sales For iOS
Vendor
CVE Published:
26 November 2024

Badges

πŸ‘Ύ Exploit ExistsπŸ“° News Worthy

Summary

CVE-2024-49053 is a spoofing vulnerability in Microsoft Dynamics 365 Sales, which could allow an attacker to impersonate other users and manipulate communications within the application. This exploitation may lead to unauthorized access and manipulation of sensitive data. Organizations using this platform should apply necessary security patches and monitor their systems for any unusual activity to mitigate potential risks.

Affected Version(s)

Dynamics 365 Sales for Android Unknown 1.0.0 < 3.24104.15

Dynamics 365 Sales for iOS Unknown 1.0.0 < 3.24104.15

News Articles

favicon imageThe Hacker News

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Microsoft patches four critical security flaws, including an exploited privilege escalation vulnerability in Partner Center.

1 month ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ“°

    First article discovered by The Hacker News

  • Vulnerability published

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)
.