Skip to main content

Power Platform

3 CVEs product

Monthly

CVE-2024-38190 HIGH PATCH This Week

Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Power Platform
NVD
CVSS 3.1
8.6
EPSS
1.1%
CVE-2024-35260 CRITICAL Act Now

An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Power Platform
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-36019 HIGH PATCH This Week

Microsoft Power Platform Connector Spoofing Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Azure Logic Apps Power Platform
NVD
CVSS 3.1
7.4
EPSS
16.2%
EPSS 1% CVSS 8.6
HIGH PATCH This Week

Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Power Platform
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Power Platform
NVD
EPSS 16% CVSS 7.4
HIGH PATCH This Week

Microsoft Power Platform Connector Spoofing Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Azure Logic Apps +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy