CVE-2020-16862

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 (on-premises) (affected versions not specified)

Description: A remote code execution issue exists due to the server's failure to properly sanitize web requests. This could allow an attacker to run arbitrary code in the context of the SQL service account by sending a specially crafted request to a vulnerable server. The issue is related to insufficient input validation.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.