7 matches found
CVE-2020-16943
CVE-2020-16943 affects Microsoft Dynamics 365 Commerce. An unauthenticated attacker could elevate privileges and update data by sending a specially crafted request; exploitation relies on bypassing/violating authorization checks. The issue is addressed by a security update that corrects how Dynam...
CVE-2021-28461
CVE-2021-28461 is a documented Cross-site Scripting (XSS) vulnerability affecting Microsoft Dynamics 365 for Finance and Operations. Connected sources confirm the flaw targets the Dynamics 365 for Finance and Operations web interface, enabling spoofing of the user interface and potential executio...
CVE-2023-35621
CVE-2023-35621 is a Denial-of-Service vulnerability affecting Microsoft Dynamics 365 for Finance and Operations (on‑premises). The issue is exposed over the network and can be triggered remotely to impact availability; CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH). Connect...
CVE-2026-47647
CVE-2026-47647 relates to Microsoft Dynamics 365 and involves an improper access control that enables an authorized attacker to perform a network-based privilege escalation. The CVSS 3.1 metrics indicate a high-severity, network-exposed issue with low attack complexity and low privileges required...
CVE-2025-49715
CVE-2025-49715 relates to an information disclosure in Microsoft Dynamics 365 FastTrack Implementation Assets. Affected product: Dynamics 365 FastTrack Implementation Assets. The description states that private personal information can be exposed to an unauthorized actor over a network, indicatin...
CVE-2025-55238
CVE-2025-55238 affects Microsoft Dynamics 365 FastTrack Implementation Assets. The connected sources describe an information disclosure vulnerability arising from an access control error, enabling leakage of asset information. No concrete exploit details, affected version ranges, or remediation/f...
CVE-2026-32210
Technical details are not publicly available in the provided documents for CVE-2026-32210. Monitor for updates.