PT-2024-1649 · Microsoft · Dynamics 365 Sales

Erik Donker

Published

2024-02-13

Updated

2024-05-29

CVE-2024-21396

CVSS v3.1

7.6

High

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Dynamics 365 Sales (affected versions not specified)

Description The issue is related to errors in the representation of information by the user interface in Microsoft Dynamics 365, which can lead to spoofing attacks. A remote attacker can exploit this issue to conduct such attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

UI Misrepresentation of Critical Information

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-451CWE-79

Related Identifiers

BDU:2024-01323

CVE-2024-21396

Affected Products

Dynamics 365 Sales

PT-2024-1649 · Microsoft · Dynamics 365 Sales

CVE-2024-21396

Weakness Enumeration

Related Identifiers

Affected Products

References · 6