<< Back
CVE Number Vulnerability Product Severity Date
CVE-2022-34700 Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability Microsoft Dynamics CRM(on-premises) Critical 26-09-2022

Technical Information

This is a remote code execution vulnerability in on-premises Microsoft Dynamics CRM. An authenticated user could run a specially crafted trusted solution package to execute arbitrary SQL commands. From there the attacker could escalate and execute commands as db_owner within their Dynamics CRM database.

Further information on this vulnerability is available at : CVE-2022-34700

Affected Software

Microsoft Dynamics CRM (on-premises) 9.0
Microsoft Dynamics CRM (on-premises) 9.1