Spoofing Vulnerability in Microsoft Dynamics 365 Sales
CVE-2024-49053

7.6HIGH

Key Information:

Vendor: Microsoft
Status: Dynamics 365 Sales For Android; Dynamics 365 Sales For iOS
Vendor: CVE Published:; 26 November 2024

🔔 Create Microsoft Vulnerability Alert

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2024-49053?

CVE-2024-49053 is a spoofing vulnerability in Microsoft Dynamics 365 Sales, which could allow an attacker to impersonate other users and manipulate communications within the application. This exploitation may lead to unauthorized access and manipulation of sensitive data. Organizations using this platform should apply necessary security patches and monitor their systems for any unusual activity to mitigate potential risks.

Affected Version(s)

Dynamics 365 Sales for Android Unknown 1.0.0 < 3.24104.15

Dynamics 365 Sales for iOS Unknown 1.0.0 < 3.24104.15

News Articles

The Hacker News

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Microsoft patches four critical security flaws, including an exploited privilege escalation vulnerability in Partner Center.

thmubnail image

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Nov 29, 2024
📰
First article discovered by The Hacker News
Nov 29, 2024
Vulnerability published
Nov 26, 2024

.