Skip to main content

Dynamics 365 Business Central

14 CVEs product

Monthly

CVE-2024-43460 HIGH PATCH This Week

Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dynamics 365 Business Central
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-38225 CRITICAL PATCH Act Now

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Microsoft Dynamics 365 Business Central
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-35249 HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft Dynamics 365 Business Central
NVD
CVSS 3.1
8.8
EPSS
3.4%
CVE-2024-35248 HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Dynamics 365 Business Central
NVD
CVSS 3.1
7.3
EPSS
0.9%
CVE-2024-21380 HIGH PATCH This Week

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Dynamics 365 Business Central
NVD
CVSS 3.1
8.0
EPSS
1.7%
CVE-2023-38167 HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Dynamics 365 Business Central
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-41127 HIGH This Week

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Microsoft Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
8.5
EPSS
1.6%
CVE-2021-40440 MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2021-36946 MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-34474 HIGH PATCH This Week

Dynamics Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Dynamics 365 Business Central
NVD
CVSS 3.1
8.0
EPSS
1.9%
CVE-2021-1724 MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
6.1
EPSS
1.2%
CVE-2020-1022 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
8.0
EPSS
6.8%
CVE-2020-1018 HIGH PATCH This Week

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
7.5
EPSS
6.2%
CVE-2020-0905 HIGH PATCH This Week

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
8.0
EPSS
10.8%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Dynamics 365 Business Central
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Microsoft Dynamics 365 Business Central
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization RCE Microsoft +1
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Dynamics 365 Business Central
NVD
EPSS 2% CVSS 8.0
HIGH PATCH This Week

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Dynamics 365 Business Central
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Authentication Bypass Dynamics 365 Business Central
NVD
EPSS 2% CVSS 8.5
HIGH This Week

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

RCE Microsoft Dynamics 365 Business Central +1
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central +1
NVD
EPSS 2% CVSS 8.0
HIGH PATCH This Week

Dynamics Business Central Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable.

RCE Dynamics 365 Business Central
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central +1
NVD
EPSS 7% CVSS 8.0
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365 Business Central +1
NVD
EPSS 6% CVSS 7.5
HIGH PATCH This Week

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Dynamics 365 Business Central +1
NVD
EPSS 11% CVSS 8.0
HIGH PATCH This Week

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365 Business Central +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy