Dynamics Gp Security Vulnerabilities and Issues — Dynamics Gp CVE List

MicrosoftDynamics Gp

9 matches found

CVE•added 2022/02/09 4:37 p.m.•265 views

CVE-2022-23269

CVE-2022-23269 is a Microsoft Dynamics GP spoofing vulnerability. Connected PT-Security notes the flaw affects Microsoft Dynamics GP with UI representation errors enabling remote spoofing, but does not specify affected versions. Kaspersky KLA lists it among Microsoft Dynamics GP issues and recomm...

5.4CVSS5.8AI score0.01125EPSS

CVE•added 2022/02/09 4:37 p.m.•165 views

CVE-2022-23274

CVE-2022-23274 affects Microsoft Dynamics GP with a remote code execution vulnerability. Kaspersky attributes the issue to incorrect code generation management in Microsoft Dynamics GP, enabling remote execution by an attacker. Affected versions are not specified in the provided materials; no exp...

8.8CVSS8.9AI score0.02074EPSS

CVE•added 2022/02/09 4:37 p.m.•111 views

CVE-2022-23272

CVE-2022-23272 maps to Microsoft Dynamics GP Elevation of Privilege Vulnerability. Affected product is Microsoft Dynamics GP; CVSSv3 base score listed as HIGH (8.8) with an exploit vector of network, low attack complexity, and low privileges required. The published description in the connected so...

9CVSS8AI score0.02466EPSS

CVE•added 2022/02/09 4:37 p.m.•92 views

CVE-2022-23271

CVE-2022-23271 affects Microsoft Dynamics GP with an Elevation of Privilege vulnerability caused by insecure privilege management in Microsoft Dynamics GP. Public materials identify affected product as Microsoft Dynamics GP and note privilege escalation as the impact; remediation guidance points ...

9CVSS6.7AI score0.03496EPSS

CVE•added 2022/02/09 4:37 p.m.•88 views

CVE-2022-23273

CVE-2022-23273 is a Microsoft Dynamics GP Elevation of Privilege vulnerability. Multiple connected sources attribute a flaw in Microsoft Dynamics GP related to insecure privilege management, enabling a remote attacker to escalate privileges within GP. The affected product is Microsoft Dynamics GP...

9CVSS7AI score0.02128EPSS

CVE•added 2010/05/26 7:0 p.m.•50 views

CVE-2010-2083

CVE-2010-2083 involves Microsoft Dynamics GP where the system password has a default value of ACCESS. The connected sources confirm this as a design/configuration issue that could allow remote authenticated users to bypass access restrictions via unspecified vectors. The documents do not specify ...

4CVSS6.3AI score0.08494EPSS

CVE•added 2010/05/21 8:0 p.m.•39 views

CVE-2010-2011

Microsoft Dynamics GP is affected by CVE-2010-2011, where a substitution cipher used to encrypt the system password field (and unspecified other fields) can allow remote authenticated users to decrypt content and obtain sensitive information. The vulnerability stems from weak/encryption method us...

4CVSS6.1AI score0.10741EPSS

CVE•added 2008/06/30 9:0 p.m.•35 views

CVE-2006-5265

CVE-2006-5265 affects Microsoft Dynamics GP (Great Plains) 9.0 and earlier. The vulnerability lies in the Distributed Process Server (DPS) (and DPS messages) where an invalid magic number in a DPS message can cause a crash (DoS). Threats described in connected documents also include DPS overflow ...

5CVSS6.6AI score0.10419EPSS

CVE•added 2008/06/30 9:0 p.m.•33 views

CVE-2006-5266

Microsoft Dynamics GP (Great Plains) versions up to 9.0 are affected by multiple buffer-overflow vulnerabilities in DPS/DPM components. Exploitation possible via crafted DPS/DPM messages: long strings, long IPs, or invalid magic numbers, leading to remote code execution with partial impact on con...

7.5CVSS7.7AI score0.15695EPSS