Microsoft Dynamics 365 vulnerabilities

87 known vulnerabilities affecting microsoft/dynamics_365.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH23MEDIUM61LOW2

Vulnerabilities

Page 3 of 5

CVE-2023-21778HIGHCVSS 8.0fixed in 4.2.0.512023-02-14

CVE-2023-21778 [HIGH] CWE-77 CVE-2023-21778: Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability

nvd

CVE-2023-21807MEDIUMCVSS 6.5fixed in 9.0.45.11≥ 9.1, < 9.1.16.202023-02-14

CVE-2023-21807 [MEDIUM] CWE-79 CVE-2023-21807: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2023-21570MEDIUMCVSS 5.4≥ 9.0, < 9.0.45.11≥ 9.1, < 9.1.16.202023-02-14

CVE-2023-21570 [MEDIUM] CWE-79 CVE-2023-21570: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2023-21571MEDIUMCVSS 5.4fixed in 9.0.45.11≥ 9.1, < 9.1.16.202023-02-14

CVE-2023-21571 [MEDIUM] CWE-79 CVE-2023-21571: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2023-21572MEDIUMCVSS 6.5fixed in 9.0.45.11≥ 9.1, < 9.1.16.202023-02-14

CVE-2023-21572 [MEDIUM] CWE-79 CVE-2023-21572: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2023-21573MEDIUMCVSS 5.4fixed in 9.0.45.11≥ 9.1, < 9.1.16.202023-02-14

CVE-2023-21573 [MEDIUM] CWE-79 CVE-2023-21573: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2022-35805HIGHCVSS 8.8v9.0v9.12022-09-13

CVE-2022-35805 [HIGH] CVE-2022-35805: Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

nvd

CVE-2022-34700HIGHCVSS 8.8v9.0v9.12022-09-13

CVE-2022-34700 [HIGH] CWE-89 CVE-2022-34700: Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

nvd

CVE-2022-23259HIGHCVSS 8.8v9.0v9.12022-04-15

CVE-2022-23259 [HIGH] CVE-2022-23259: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

nvd

CVE-2022-21957HIGHCVSS 7.2v8.2v9.02022-02-09

CVE-2022-21957 [HIGH] CVE-2022-21957: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

nvd

CVE-2022-21932MEDIUMCVSS 5.4v9.02022-01-11

CVE-2022-21932 [MEDIUM] CWE-79 CVE-2022-21932: Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

nvd

CVE-2021-42316HIGHCVSS 8.8v9.0v9.12021-11-10

CVE-2021-42316 [HIGH] CVE-2021-42316: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

nvd

CVE-2021-41354MEDIUMCVSS 5.4v9.0v9.12021-10-13

CVE-2021-41354 [MEDIUM] CWE-79 CVE-2021-41354: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2021-40457MEDIUMCVSS 6.1v9.0v9.12021-10-13

CVE-2021-40457 [MEDIUM] CWE-79 CVE-2021-40457: Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

nvd

CVE-2021-41353LOWCVSS 3.5v9.0v9.12021-10-13

CVE-2021-41353 [LOW] CVE-2021-41353: Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

nvd

CVE-2021-34524HIGHCVSS 8.8v9.0v9.12021-08-12

CVE-2021-34524 [HIGH] CVE-2021-34524: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

nvd

CVE-2021-36950MEDIUMCVSS 5.4v9.02021-08-12

CVE-2021-36950 [MEDIUM] CWE-79 CVE-2021-36950: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

nvd

CVE-2021-24101MEDIUMCVSS 6.5v8.2v9.02021-02-25

CVE-2021-24101 [MEDIUM] CVE-2021-24101: Microsoft Dataverse Information Disclosure Vulnerability Microsoft Dataverse Information Disclosure Vulnerability

nvd

CVE-2020-17152HIGHCVSS 8.8fixed in 10.0.112020-12-10

CVE-2020-17152 [HIGH] CVE-2020-17152: Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

nvd

CVE-2020-17158HIGHCVSS 8.8fixed in 10.0.112020-12-10

CVE-2020-17158 [HIGH] CVE-2020-17158: Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

nvd

← Previous3 / 5Next →