Fabian Schmidt

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics CRM (on-premises) (affected versions not specified) **Description** The issue is related to a lack of protection for the SQL query structure in Microsoft Dynamics CRM, allowing for potential remote code execution by an attacker using specially crafted queries. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics CRM (on-premises) (affected versions not specified) **Description** The issue is related to a lack of protection in the SQL query structure of Microsoft Dynamics CRM, which can be exploited by a remote attacker using specially crafted queries to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics 365 On-Premises (affected versions not specified) **Description** The issue is related to insecure privilege management in Microsoft Dynamics 365. Exploitation of this issue may allow an attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics 365 On-Premises (affected versions not specified) **Description** The issue is related to incorrect code generation management in Microsoft Dynamics 365, allowing a remote attacker to execute arbitrary code using a specially crafted request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Dynamics 365 (affected versions not specified) **Description** The issue is related to incorrect code generation management in Microsoft Dynamics 365, allowing a remote attacker to execute arbitrary code by sending a specially crafted request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 (on-premises) (affected versions not specified) Description: A remote code execution issue exists due to the server's failure to properly sanitize web requests. This could allow an attacker to run arbitrary code in the context of the SQL service account by sending a specially crafted request to a vulnerable server. The issue is related to insufficient input validation. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.