VDB
CVE-2023-24896
CVE-2023-24896
PUBLISHED
Es existieren mehrere Schwachstellen in Microsoft Apps und Microsoft Dynamics 365. Die Fehler bestehen aufgrund eines Spoofing-Problems. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen und Daten zu manipulieren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
EPSS 0.36% · 58.8th percentile
Risk Scores
EPSS Score
0.36%
58.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Apps Power Apps | |
| Microsoft | Microsoft Dynamics 365 for Finance and Operations |
Exploit Intelligence
- https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1 (msrc)
- .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability (circl)
- Dynamics 365 Finance Spoofing Vulnerability (circl)
- rules.yar (github-yara)
- rules.yar (github-yara)
- rules.yar (github-yara)
- rules.yar (github-yara)
- rules.yar (github-yara)
- rules.yar (github-yara)
- CVE-2023-4863.yar (github-yara)
…and 5 more exploits
Timeline
- Jun 13, 2023 CVE Published
- Jul 15, 2023 EPSS Score
- Aug 18, 2023 EPSS Score
- Sep 22, 2023 EPSS Score
- Oct 5, 2023 PoC Published
- Nov 30, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Feb 7, 2024 EPSS Score
- Mar 12, 2024 EPSS Score
- Apr 16, 2024 EPSS Score
- May 20, 2024 EPSS Score
- Jul 29, 2024 EPSS Score