6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.3 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.4%
02/09/2021
High
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface.
Microsoft Dynamics NAV 2017
Microsoft Dynamics NAV 2018
Microsoft Dynamics 365 (on-premises) version 8.2
Microsoft Dynamics NAV 2016
Microsoft Dynamics 365 (on-premises) version 9.0
Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)
Microsoft Dynamics 365 Business Central 2020 Release Wave 1
Microsoft Dynamics NAV 2015
Microsoft Dynamics 365 Business Central 2020 Release Wave 2
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
OSI
CVE-2021-241016.5High
CVE-2021-17246.1High
support.microsoft.com/kb/4595460
support.microsoft.com/kb/4595463
support.microsoft.com/kb/4602915
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24101
nvd.nist.gov/vuln/detail/CVE-2021-1724
nvd.nist.gov/vuln/detail/CVE-2021-24101
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Microsoft-Dynamics-365/
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.3 Medium
AI Score
Confidence
High
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.019 Low
EPSS
Percentile
88.4%