Lucene search
HistoryJun 11, 2024 - 5:16 p.m.
CVE-2024-35249
microsoft dynamics 365
remote code execution
vulnerability
cve-2024-35249
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
Affected configurations
Node
microsoftdynamics_365_business_centralMatch2024release_wave_1release_wave_1
ORmicrosoftdynamics_365_business_centralRange22.0.0–22.0release_wave_1release_wave_1
ORmicrosoftdynamics_365_business_centralRange23.0.0–23.0release_wave_2release_wave_2
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Dynamics 365 Business Central 2024 Release Wave 1",
"cpes": [
"cpe:2.3:a:microsoft:dynamics_365_business_central:2024:release_wave_1:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "24.0",
"lessThan": "Application Build 24.1.19498, Platform Build 24.0.",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 1",
"cpes": [
"cpe:2.3:a:microsoft:dynamics_365_business_central:2023:release_wave_1:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "22.0.0",
"lessThan": "Application Build 22.13.64344, Platform Build 22.0",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 2",
"cpes": [
"cpe:2.3:a:microsoft:dynamics_365_business_central:2023:release_wave_2:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "23.0.0",
"lessThan": "Application Build 23.7.18957, Platform Build 23.0.",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2024-35249
2024-06-11 17:16:02
mscve
mscve
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
2024-06-11 07:00:00
cvelist
cvelist
vulnrichment
vulnrichment
mskb
mskb
Update 23.7 for Microsoft Dynamics 365 Business Central (on-premises) 2023 Release Wave 2 (Application Build 23.7.18957, Platform Build 23.0.18933)
2024-06-11 07:00:00
nessus
nessus
Security Updates for Microsoft Dynamics 365 Business Central (June 2024)
2024-06-13 00:00:00
kaspersky
kaspersky
KLA68917 Multiple vulnerabilities in Microsoft Dynamics
2024-06-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2024
2024-06-11 19:43:48
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.8%
Related for CVE-2024-35249