CVE-2025-29826
13.05.2025, 17:15
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network.Enginsight
| Vendor | Product | Version |
|---|---|---|
| microsoft | dataverse | 𝑥 < 3.4.0.1406 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-280 - Improper Handling of Insufficient Permissions or PrivilegesThe application does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the application in an invalid state.
- CWE-755 - Improper Handling of Exceptional ConditionsThe software does not handle or incorrectly handles an exceptional condition.