Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
Vulnerability Description
<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server.</p> <p>An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input.</p>
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Vulnerability Type
N/A
Vulnerability Title
Microsoft Dynamics 365 输入验证错误漏洞
Vulnerability Description
Microsoft Dynamics 365是美国微软(Microsoft)公司的一套适用于跨国企业的ERP业务解决方案。该产品包括财务管理、生产管理和商业智能管理等。 Microsoft Dynamics 365 for Finance和Operations10.0.11版本中存在远程代码执行漏洞,攻击者可借助该漏洞将特制文件发送到易受攻击的 Dynamics 服务器,从而导致远程执行代码。
CVSS Information
N/A
Vulnerability Type
N/A