Skip to main content

Dynamics 365 Business Central CVE-2022-41127

HIGH
2022-12-13 secure@microsoft.com
8.5
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
8.5 HIGH
AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 13, 2022 - 19:15 cve.org
HIGH 8.5

DescriptionCVE.org

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

AnalysisAI

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability Affected products include: Microsoft Dynamics 365 Business Central, Microsoft Dynamics Nav.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-38225 CRITICAL
9.8 Sep 10

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this v

CVE-2024-43460 HIGH
8.8 Sep 17

Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacke

CVE-2024-35249 HIGH
8.8 Jun 11

Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulner

CVE-2024-21380 HIGH
8.0 Feb 13

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability. Rated high severity (CVSS 8.0), this vulne

CVE-2021-34474 HIGH
8.0 Jul 14

Dynamics Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is rem

CVE-2020-1022 HIGH
8.0 Apr 15

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remo

CVE-2020-0905 HIGH
8.0 Mar 12

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Rem

CVE-2020-1018 HIGH
7.5 Apr 15

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly

CVE-2024-35248 HIGH
7.3 Jun 11

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulne

CVE-2023-38167 HIGH
7.2 Aug 08

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulne

CVE-2021-1724 MEDIUM
6.1 Feb 25

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerabi

CVE-2021-40440 MEDIUM
5.4 Sep 15

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerabi

Share

CVE-2022-41127 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy