CVE-2025-29826
EUVD-2025-1444613.05.2025, 17:15
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| microsoft | dataverse | 𝑥 < 3.4.0.1406 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-280 - Improper Handling of Insufficient Permissions or PrivilegesThe application does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the application in an invalid state.
- CWE-755 - Improper Handling of Exceptional ConditionsThe software does not handle or incorrectly handles an exceptional condition.