Vulners
Lucene search
Microsoft Dynamics AX Installed
| Source | Link |
|---|---|
| dynamics | www.dynamics.microsoft.com/en-us/ax-overview/ |
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(59453);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/02/01");
script_name(english:"Microsoft Dynamics AX Installed");
script_summary(english:"Checks for DAX installation");
script_set_attribute(
attribute:"synopsis",
value:
"An enterprise resource planning (ERP) solution is installed on the
remote Windows host."
);
script_set_attribute(
attribute:"description",
value:
"Microsoft Dynamics AX, an ERP solution, is installed on the remote
host."
);
script_set_attribute(attribute:"see_also", value:"https://dynamics.microsoft.com/en-us/ax-overview/");
script_set_attribute(attribute:"solution", value:"n/a");
script_set_attribute(attribute:"risk_factor", value:"None");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:microsoft:windows");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:dynamics_ax");
script_set_attribute(attribute:"asset_inventory", value:"True");
script_set_attribute(attribute:"hardware_inventory", value:"True");
script_set_attribute(attribute:"os_identification", value:"True");
script_set_attribute(attribute:"agent", value:"windows");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("smb_hotfixes.nasl");
script_require_keys("SMB/Registry/Enumerated", "SMB/ARCH");
script_require_ports(139, 445);
exit(0);
}
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
include("smb_reg_query.inc");
include("misc_func.inc");
include("audit.inc");
arch = get_kb_item_or_exit('SMB/ARCH');
registry_init();
hklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);
# pretty sure this can only be installed on 64 bit OSes but just to be on the safe side...
dax_key = "SOFTWARE\Microsoft\Dynamics\";
installs = make_array();
installed_components = make_array();
subkeys = get_registry_subkeys(handle:hklm, key:dax_key);
if (!max_index(subkeys) && arch == 'x64')
{
dax_key = "SOFTWARE\Wow6432Node\Microsoft\Dynamics\";
subkeys = get_registry_subkeys(handle:hklm, key:dax_key);
}
foreach version (subkeys)
{
if (version !~ '^[0-9.]+$') continue;
path = get_registry_value(handle:hklm, item:dax_key + version + "\Setup\InstallDir");
if (isnull(path))
{
path = get_registry_value(handle:hklm, item:dax_key + version + "\Setup\Application\");
if (path) path -= "\Application";
}
if (!isnull(path))
{
installs[version] = path;
components_key = "SOFTWARE\Microsoft\Dynamics\" + version + "\Setup\Components\";
component_subkeys = get_registry_subkeys(handle:hklm, key:components_key);
# keep track of what (if any) components are installed for each version of DAX
foreach component (component_subkeys)
{
status = get_registry_value(handle:hklm, item:components_key + component + "\");
if (status == 'Installed')
{
if (isnull(installed_components[version]))
installed_components[version] = make_list(component);
else
installed_components[version] = make_list(installed_components[version], component);
}
}
}
}
RegCloseKey(handle:hklm);
if (max_index(keys(installs)) == 0)
{
close_registry();
audit(AUDIT_NOT_INST, 'Microsoft Dynamics');
}
else
close_registry(close:FALSE);
# it appears only one version can be installed at once, but it's possible multiple versions will show
# up in the registry due to unclean uninstalls. the plugin will stop on the first verified install
installed = FALSE;
foreach version (keys(installs))
{
path = installs[version];
if ('4.0' >< version) dll = path + "\Client\Bin\Ax32.exe";
else
dll = path + "\Setup\Microsoft.Dynamics.Setup.Components.dll";
if (hotfix_file_exists(path:dll))
{
set_kb_item(name:'SMB/microsoft_dynamics_ax/path', value:path);
set_kb_item(name:'SMB/microsoft_dynamics_ax/ver', value:version); # not granular enough for most version checks (e.g. "6.0")
foreach component (installed_components[version])
set_kb_item(name:'SMB/microsoft_dynamics_ax/installed_component/' + component, value:TRUE);
installed = TRUE;
break;
}
}
hotfix_check_fversion_end();
if (!installed)
audit(AUDIT_UNINST, 'Microsoft Dynamics');
port = kb_smb_transport();
report =
'\n Path : ' + path +
'\n Version : ' + version + '\n';
if (installed_components[version])
report += ' Installed Components : ' + join(installed_components[version], sep:', ') + '\n';
security_report_v4(port:port, extra:report, severity:SECURITY_NOTE);
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Feb 2022 00:00Current
5.4Medium risk
Vulners AI Score5.4