Lucene search

[email protected]NVD:CVE-2024-43460

HistorySep 17, 2024 - 7:15 p.m.

CVE-2024-43460

2024-09-1719:15:27

CWE-285

[email protected]

web.nvd.nist.gov

improper authorization

dynamics 365

business central

authenticated attacker

elevate privileges

network vulnerability

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

16.8%

JSON

Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.

Affected configurations

Nvd

Node

microsoftdynamics_365_business_centralMatch--

VendorProductVersionCPE
microsoftdynamics_365_business_central-cpe:2.3:a:microsoft:dynamics_365_business_central:-:-:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	dynamics_365_business_central	-	cpe:2.3:a:microsoft:dynamics_365_business_central:-:-::::::

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43460

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

16.8%

JSON

Related for NVD:CVE-2024-43460

vulnrichment1 kaspersky1 cvelist1 mscve1 cve1