CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
20.3%
Multiple vulnerabilities was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to perform cross-site scripting attack.
CVE-2020-17018 high
CVE-2020-17005 high
CVE-2020-17006 high
CVE-2020-17021 high
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Cross site scripting. Exploitation of vulnerabilities with this impact can lead to partial interception of information transmitted between user and site.
support.microsoft.com/kb/4577009
support.microsoft.com/kb/4584611
support.microsoft.com/kb/4584612
nvd.nist.gov/vuln/detail/CVE-2020-17005
nvd.nist.gov/vuln/detail/CVE-2020-17006
nvd.nist.gov/vuln/detail/CVE-2020-17018
nvd.nist.gov/vuln/detail/CVE-2020-17021
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Dynamics-365/
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
20.3%