Lucene search
K
MicrosoftDynamics Nav2016

6 matches found

CVE
CVE
added 2022/12/13 12:0 a.m.157 views

CVE-2022-41127

CVE-2022-41127 affects Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central On‑Premises. Descriptions in connected docs confirm a remote code execution vulnerability and that Microsoft released updates to fix it (e.g., Update 16.19 for BC 2020 Wave 1, Update 17.17 for BC 2020 Wave 2...

8.5CVSS8.5AI score0.0157EPSS
CVE
CVE
added 2020/03/12 3:48 p.m.122 views

CVE-2020-0905

CVE-2020-0905 is a remote code execution vulnerability in Microsoft Dynamics Business Central (and Dynamics NAV) via deserialization in the Role-Tailored Client that could allow an attacker to execute arbitrary shell commands on a vulnerable system. Multiple connected sources corroborate an RCE r...

8CVSS8AI score0.10838EPSS
CVE
CVE
added 2020/04/15 3:13 p.m.120 views

CVE-2020-1018

CVE-2020-1018 concerns Microsoft Dynamics 365 Business Central/NAV on-premises where masked fields shown on a chart page are not properly hidden, exposing information that should be concealed. The info-disclosure vulnerability stems from the rendering of masked content in the Windows client; the ...

7.5CVSS7AI score0.06158EPSS
CVE
CVE
added 2020/04/15 3:13 p.m.99 views

CVE-2020-1022

CVE-2020-1022 is a documented remote code execution vulnerability affecting Microsoft Dynamics 365 Business Central (and NAV variants). The connected Red Hat/Qualys/Nessus entries corroborate an RCE impacting Dynamics BC/NAV, with patch guidance referencing CVE-2020-1022 (e.g., Update 15.5 for BC...

8CVSS8AI score0.06831EPSS
CVE
CVE
added 2021/02/25 11:1 p.m.98 views

CVE-2021-1724

CVE-2021-1724 corresponds to a Cross-site Scripting vulnerability in Microsoft Dynamics Business Central. The connected data confirms an XSS issue caused by improper validation of user-supplied input in the web-facing Links and Notes feature, which authenticated attackers can exploit by crafting ...

6.1CVSS6AI score0.01178EPSS
CVE
CVE
added 2018/12/12 12:0 a.m.75 views

CVE-2018-8651

CVE-2018-8651 describes an XSS vulnerability in Microsoft Dynamics NAV where the server does not properly sanitize crafted web requests. A logged-in attacker could exploit this via a specially crafted web request to execute script in a user’s browser, potentially reading data, altering UI, or tak...

5.4CVSS4.9AI score0.01463EPSS