Detections
Analytics

Security Updates for Microsoft Dynamics 365 (on-premises) (February 2023)

medium Nessus Plugin ID 171544

Language:

Version 1.9

Sep 4, 2023, 4:15 PM

  • CVSS metrics ("CVSSv2 score" changed from 7.8 to 6.8. "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 score" changed from 7.5 to 6.5)
  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
  • CVSSv2 severity (based on CVE-2023-24922, severity decreased from "High" to "Medium")
  • CVSSv3 score source (set to "CVE-2023-24922")
  • CVSSv3 severity (based on CVE-2023-24922, severity decreased from "High" to "Medium")
  • Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available")

Plugin Feed: 202309041615

Version 1.8

Apr 13, 2023, 7:01 PM

  • IAVM reference

Plugin Feed: 202304131901

Version 1.7

Mar 21, 2023, 7:30 PM

  • CVSSv3 severity (based on CVE-2023-24922, severity increased from "Medium" to "High")
  • CVSS metrics ("CVSSv2 score" changed from "6.8" to "7.8". "CVSSv2 score" changed from "6.8" to "7.8". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N". "CVSSv3 score" changed from "6.5" to "7.5". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 score" changed from "6.5" to "7.5". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 score" changed from "6.5" to "7.5")
  • CVSSv2 severity (based on CVE-2023-24922, severity increased from "Medium" to "High")
  • CVSSv3 score source (set to "CVE-2023-24922")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202303211930

Version 1.6

Mar 17, 2023, 2:09 PM

  • CVSS metrics ("CVSSv2 score" changed from "6.5" to "6.8". "CVSSv2 score" changed from "6.5" to "6.8". "CVSSv2 score" changed from "6.5" to "6.8". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N". "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N")
  • CVSSv2 score source (changed from "CVE-2023-21572" to "CVE-2023-24922")
  • CVSSv3 score source (changed from "CVE-2023-21807" to "CVE-2023-24922")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202303171409

Version 1.5

Mar 16, 2023, 8:07 PM

  • CVSS metrics (updated CVEs to include march data)

Plugin Feed: 202303162007

Version 1.4

Mar 16, 2023, 4:17 PM

  • IAVM reference

Plugin Feed: 202303161617

Version 1.3

Feb 24, 2023, 2:05 PM

  • CVSS metrics ("CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L" to "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N")
  • CVSSv3 score source (set to "CVE-2023-21807")
  • Exploit attributes ("Exploit available" set to "False")

Plugin Feed: 202302241405

Version 1.2

Feb 20, 2023, 2:37 PM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "False". "Exploit available" set to "False". "Exploit available" set to "False". "Exploit available" set to "False". "Exploitability ease" set to "No known exploits are available". "Exploitability ease" set to "No known exploits are available". "Exploitability ease" set to "No known exploits are available")
  • CVSS metrics ("CVSSv2 score" changed from "6.0" to "6.5". "CVSSv2 score" changed from "6.0" to "6.5". "CVSSv2 score" changed from "6.0" to "6.5". "CVSSv2 score" changed from "6.0" to "6.5". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P" to "CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P")

Plugin Feed: 202302201437

Version 1.1

Feb 17, 2023, 10:07 PM

  • STIG Severity (set to "I")
  • IAVM reference

Plugin Feed: 202302172207

Version 1.0

Feb 16, 2023, 2:06 PM

  • New

Plugin Feed: 202302161406

* Changelogs are generally available for changes made after Nov 1, 2022