The vulnerability of the customer feedback management application of Microsoft Dynamics 365, related to errors in information presentation on the user interface, allows attackers to perform spoofing attacks.

🗓️ 29 Nov 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 8 Views

Dynamics 365 customer feedback app has UI information presentation errors enabling remote spoofing.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-36007	7 Jan 202520:39	–	circl
CNNVD	Microsoft Dynamics 365 Security Vulnerability	14 Nov 202300:00	–	cnnvd
CVE	CVE-2023-36007	14 Nov 202320:17	–	cve
Cvelist	CVE-2023-36007 Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability	14 Nov 202320:17	–	cvelist
EUVD	EUVD-2023-39991	3 Oct 202520:07	–	euvd
Kaspersky	KLA61976 Multiple vulnerabilities in Microsoft Dynamics	14 Nov 202300:00	–	kaspersky
Microsoft CVE	Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability	14 Nov 202308:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Dynamics	14 Nov 202300:00	–	ncsc
NVD	CVE-2023-36007	14 Nov 202321:15	–	nvd
OSV	CVE-2023-36007	14 Nov 202321:15	–	osv

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36007
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2023111432
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

29 Nov 2023 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 27.5

CVSS 37.6

EPSS0.01069

Dynamics 365 customer feedback user interface information presentation remote spoofing