Microsoft Dynamics 365 vulnerabilities

CVE-2019-1229 [HIGH] CVE-2019-1229: An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successful An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation. To exploit this vulnerability, an attacker needs to have credentials for a user that has permission to author c

CVE-2019-1008 [MEDIUM] CVE-2019-1008: A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Pr A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'.

CVE-2018-8609 [HIGH] CWE-116 CVE-2018-8609: A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This affects Microsoft Dynamics 365.

CVE-2018-8606 [MEDIUM] CVE-2018-8606: A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8605, CVE-20

CVE-2018-8605 [MEDIUM] CWE-79 CVE-2018-8605: A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8606,

CVE-2018-8607 [MEDIUM] CVE-2018-8607: A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8605, CVE-20

CVE-2018-8608 [MEDIUM] CVE-2018-8608: A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8605, CVE-20