Vulnerabilities > CVE-2019-1229 - Unspecified vulnerability in Microsoft Dynamics 365 9.0

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
microsoft
nessus

Summary

An elevation of privilege vulnerability exists in Dynamics On-Premise v9, aka 'Dynamics On-Premise Elevation of Privilege Vulnerability'.

Vulnerable Configurations

Part Description Count
Application
Microsoft
1

Nessus

NASL familyWindows
NASL idSMB_NT_MS19_AUG_MICROSOFT_DYNAMICS.NASL
descriptionThe Microsoft Dynamics 365 (on-premises) install is missing a security update. It is, therefore, affected by the following vulnerability : - An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation. (CVE-2019-1229)
last seen2020-06-01
modified2020-06-02
plugin id127861
published2019-08-14
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/127861
titleSecurity Updates for Microsoft Dynamics 365 (on-premises) (August 2019)