Primary

Context

Microsoft Dynamics 365 (On-Premises) Improper Access Control Information Disclosure Vulnerability

Vulnerability

Patched

A vulnerability exists in Microsoft Dynamics 365 (on-premises) due to improper access control, allowing an authorized attacker to locally disclose sensitive information.

Impact

Exploitation of this vulnerability could lead to unauthorized local access to sensitive information.

Remediation

Users can download the security update for Microsoft Dynamics 365 (on-premises) version 9.0 from the Microsoft Update Catalog. For more information, refer to the Microsoft Knowledge Base article 5078943.

Added: Apr 14, 2026, 7:12 PM

Updated: Apr 14, 2026, 7:12 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

5.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

7.7

relevance

5.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Dynamics 365 (On-Premises) Improper Access Control Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Dynamics 365

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating