Lucene search
K
MicrosoftDynamics Nav2015

5 matches found

CVE
CVE
added 2020/03/12 3:48 p.m.123 views

CVE-2020-0905

CVE-2020-0905 is a remote code execution vulnerability in Microsoft Dynamics Business Central (and Dynamics NAV) via deserialization in the Role-Tailored Client that could allow an attacker to execute arbitrary shell commands on a vulnerable system. Multiple connected sources corroborate an RCE r...

8CVSS8AI score0.10838EPSS
CVE
CVE
added 2020/04/15 3:13 p.m.121 views

CVE-2020-1018

CVE-2020-1018 concerns Microsoft Dynamics 365 Business Central/NAV on-premises where masked fields shown on a chart page are not properly hidden, exposing information that should be concealed. The info-disclosure vulnerability stems from the rendering of masked content in the Windows client; the ...

7.5CVSS7AI score0.06158EPSS
CVE
CVE
added 2020/12/09 11:36 p.m.102 views

CVE-2020-17133

CVE-2020-17133 is a Microsoft Dynamics Business Central/NAV information-disclosure vulnerability. The root cause is that the Password field in the Document Service table is not masked, which could allow an authenticated remote attacker (as a system user) to reveal passwords. Public references in ...

6.5CVSS5.7AI score0.03658EPSS
CVE
CVE
added 2020/04/15 3:13 p.m.100 views

CVE-2020-1022

CVE-2020-1022 is a documented remote code execution vulnerability affecting Microsoft Dynamics 365 Business Central (and NAV variants). The connected Red Hat/Qualys/Nessus entries corroborate an RCE impacting Dynamics BC/NAV, with patch guidance referencing CVE-2020-1022 (e.g., Update 15.5 for BC...

8CVSS8AI score0.06831EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.98 views

CVE-2021-1724

CVE-2021-1724 corresponds to a Cross-site Scripting vulnerability in Microsoft Dynamics Business Central. The connected data confirms an XSS issue caused by improper validation of user-supplied input in the web-facing Links and Notes feature, which authenticated attackers can exploit by crafting ...

6.1CVSS6AI score0.01178EPSS