dynamics 365 · threatengine.sh

Home/Product/microsoft dynamics 365

Product

microsoft dynamics 365

97 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

>= 9.1.1.914 and < 9.1.45.11

Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to

>= 9.1 and < 9.1.45.11

Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to

Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a n

>= 9.0 and < 9.1.44.15

Improper access control in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to disclose information locally.

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows

>= 9.1 and < 9.1.41.07

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker

Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability

>= 9.1 and < 9.1.39.04

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker

>= 9.1 and < 9.1.38.10

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allow

Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack Implementation Assets allows an unauth

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

>= 9.1 and < 9.1.26

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.1 and < 9.1.25.17

Dynamics 365 Sales Spoofing Vulnerability

>= 9.1 and < 9.1.25.17

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.1 and < 9.1.25.17

Dynamics 365 Field Service Spoofing Vulnerability

>= 9.1 and < 9.1.25.17

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.1 and < 9.1.25.17

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.1 and < 9.1.25.17

Dynamics 365 Sales Spoofing Vulnerability

>= 9.1 and < 9.1.25.17

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

>= 9.0 and < 9.0.51.06

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

>= 9.1 and < 9.1.23.10

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.1 and < 9.1.23.10

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.51.06

Microsoft Dynamics 365 Sales Spoofing Vulnerability

>= 9.0 and < 9.0.51.06

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.49.04

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

>= 9.0 and < 9.0.50.03

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

>= 9.0 and < 9.0.47.08

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.49.04

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.49.04

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Dynamics Finance and Operations Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.47.08

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Dynamics 365 Finance Spoofing Vulnerability

>= 9.0 and < 9.0.47.08

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.47.08

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.46.15

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.46.15

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability

> 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

> 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

> 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

> 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

>= 9.0 and < 9.0.45.11

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Dynamics Finance and Operations Cross-site Scripting Vulnerability

Microsoft Dataverse Information Disclosure Vulnerability

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

Dynamics CRM Webclient Cross-site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially cr

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially craft

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially craft

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privileg

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially craft

>= 9.0 and < 9.0.9.4

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially craft

An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability

A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'

>= 8.0 and < 8.2.3.0003

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly s

>= 8.0 and < 8.2.3.0003

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a speci

>= 8.0 and < 8.2.3.0003

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a speci

>= 8.0 and < 8.2.3.0003

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a speci

>= 8.0 and < 8.2.3.0003

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a speci

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin