<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server.</p>
<p>An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input.</p>
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2020-09-11T17:08:41
Updated: 2024-08-04T13:45:33.226Z
Reserved: 2020-08-04T00:00:00
Link: CVE-2020-16857
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-11T17:15:16.903
Modified: 2023-12-31T22:15:50.427
Link: CVE-2020-16857
Redhat
No data.