Information Disclosure Vulnerability in Microsoft Dynamics by Microsoft
CVE-2025-30391

8.1HIGH

Key Information:

Vendor: Microsoft
Status: Dynamics 365 Customer Service
Vendor: CVE Published:; 30 April 2025

What is CVE-2025-30391?

A vulnerability in Microsoft Dynamics permits unauthorized attackers to exploit improper input validation, leading to potential information disclosure over a network. This type of security flaw could expose sensitive data, making it crucial for organizations to address and remediate the issue promptly to safeguard their information assets. For detailed insights, refer to the vendor advisory.

Affected Version(s)

Dynamics 365 Customer Service Unknown

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2025
Vulnerability Reserved
Mar 21, 2025