Lucene search
Veracode Vulnerability DatabaseVERACODE:20695HistoryJul 08, 2019 - 10:41 a.m.
Privilege Escalation
2019-07-0810:41:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
49.5%
Microsoft Dynamics On-Premise is vulnerable to Security Feature Bypass. An attacker could gain elevated privileges by capturing and editing the POST request to include a special character in the extension which may leads to modification of information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft.xrm.client.2015 | le | 7.0.1 | |
| microsoft.xrm.portal.2015 | le | 7.0.1 | |
| microsoft.xrm.client.2015 | le | 7.0.1 | |
| microsoft.xrm.portal.2015 | le | 7.0.1 |
Related
symantec
symantec
Microsoft Dynamics On-Premise CVE-2019-1008 Security Bypass Vulnerability
2019-05-14 00:00:00
mskb
mskb
Description of the security update for the security feature bypass vulnerability in Microsoft Dynamics 365 (on-premises) version 9.0: May 14, 2019
2019-05-14 07:00:00
prion
prion
Security feature bypass
2019-05-16 19:29:00
nvd
nvd
CVE-2019-1008
2019-05-16 19:29:05
mscve
mscve
Microsoft Dynamics On-Premise Security Feature Bypass
2019-05-14 07:00:00
cve
cve
CVE-2019-1008
2019-05-16 19:29:05
nessus
nessus
Security Update for Microsoft Dynamics 365 (on-premises) (May 2019)
2019-07-12 00:00:00
kaspersky
kaspersky
KLA11482 SB vulnerability in Microsoft Dynamics
2019-05-14 00:00:00
cvelist
cvelist
CVE-2019-1008
2019-05-16 18:24:57
talosblog
talosblog