CVE-2024-38182

Summary

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.

Affected Software

VendorProductVersion RangeStatus
MicrosoftDynamics 365 Field Service (on-premises) v7 series-affected

Weaknesses

  • CWE-1390: CWE-1390: Weak Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References