The Microsoft Dynamics 365 (on-premises) is missing a security update. It is, therefore, affected by the following vulnerabilities:
– A remote code execution vulnerability. An attacker can exploit this to execute unauthorized arbitrary commands in the context of the db_owner. (CVE-2022-34700, CVE-2022-35085)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More