Dynamics 365 and Power Apps Security Flaws Exposed: A Comedy of Vulnerabilities
Dynamics 365 and Power Apps Web API faced three security vulnerabilities, now patched, that exposed sensitive data. Discovered by Stratus Security, two issues were in Power Platform’s OData Web API Filter and one in FetchXML API. These flaws allowed unauthorized access to sensitive information, highlighting the need for constant cybersecurity vigilance.
Hot Take:
If you thought your biggest worry with Microsoft was Windows updates restarting your computer at the worst possible time, think again! Dynamics 365 and Power Apps Web API were more like a piñata filled with customer data, just waiting for a gentle crack to spill out all the goodies. But don’t worry, Microsoft’s got their broom and dustpan out to sweep up that mess!
Key Points:
- Three security vulnerabilities in Dynamics 365 and Power Apps Web API were discovered and patched.
- The issues were found by Stratus Security and have been patched as of May 2024.
- Two vulnerabilities were in the Power Platform’s OData Web API Filter, and one in the FetchXML API.
- Vulnerabilities allowed unauthorized data access, including sensitive personal and financial information.
- Exploiting these could lead to cracked passwords or data being sold.
Already a member? Log in here