CVE-2022-21891: Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

Overview

Severity

High (CVSS 7.6)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2022-Jan

Released

2022-01-11

EPSS Score

3.65% (percentile: 87.9%)

Affected Products (1)

Microsoft Dynamics

• Dynamics 365 Sales

Acknowledgments

Pontus Persson with <a href="https://omegapoint.se/">Omegapoint</a>

Revision History

• 2022-01-11: Information published.