Microsoft Dynamics 365 Sales Server-Side Request Forgery Vulnerability Allowing Privilege Escalation

Vulnerability

A Server-Side Request Forgery (SSRF) vulnerability has been identified in Microsoft Dynamics 365 Sales. This vulnerability allows an authorized attacker to manipulate requests sent from the server, potentially leading to unauthorized access or actions within the network. The issue arises from insufficient validation of server-side requests, enabling attackers to exploit the application's request handling capabilities.

Impact

Exploitation of this vulnerability could allow an authorized attacker to elevate privileges, gaining unauthorized access to resources or functionalities within the application or network.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 3.3
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.