<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server.</p> <p>An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input.</p>
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2020-09-11T17:08:41

Updated: 2024-08-04T13:45:33.226Z

Reserved: 2020-08-04T00:00:00

Link: CVE-2020-16857

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-11T17:15:16.903

Modified: 2023-12-31T22:15:50.427

Link: CVE-2020-16857

cve-icon Redhat

No data.