Search criteria
6 vulnerabilities found for Microsoft Dynamics 365 Business Central 2022 Release Wave 2 by Microsoft
CVE-2024-21380 (GCVE-0-2024-21380)
Vulnerability from cvelistv5 – Published: 2024-02-13 18:02 – Updated: 2025-05-03 01:37
VLAI?
Title
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Summary
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics 365 Business Central 2022 Release Wave 2 |
Affected:
21.0.0 , < Application Build 21.16.63199, Platform Build 21.0
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T18:41:20.437790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T18:01:02.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.16.63199, Platform Build 21.0",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 22.10.63195, Platform Build 22.0",
"status": "affected",
"version": "22.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 23.4.15715, Platform Build 23.0.",
"status": "affected",
"version": "23.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.16.63199, Platform Build 21.0",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 22.10.63195, Platform Build 22.0",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 23.4.15715, Platform Build 23.0.",
"versionStartIncluding": "23.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-02-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T01:37:39.965Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380"
}
],
"title": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-21380",
"datePublished": "2024-02-13T18:02:43.563Z",
"dateReserved": "2023-12-08T22:45:20.452Z",
"dateUpdated": "2025-05-03T01:37:39.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41127 (GCVE-0-2022-41127)
Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
VLAI?
Title
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Summary
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics NAV 2016 |
Affected:
1.0 , < Build 52203
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 52203",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2017",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 30712",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2018",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 49497",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2015",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "52204",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central Spring 2019 Update",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 14.43.49498, Platform Build 14.0.49494",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 15.17.48428, Platform Build 15.0.48",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 17.17.38111, Platform Build 17.0.38061",
"status": "affected",
"version": "17.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 16.19.35126, Platform Build 16.35120",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 20.8.49971, Platform Build 20.0.49947",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 19.14.49970, Platform Build 19.0.49925",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 21.2.49990, Platform Build 21.0.49984",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 18.18.46920, Platform Build 18.0.46905",
"status": "affected",
"version": "18.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2013 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "52297",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 52203",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 30712",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2018:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 49497",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2015:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52204",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2019:*:spring_update:*:*:*:*:*:*",
"versionEndExcluding": "App Build 14.43.49498, Platform Build 14.0.49494",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2019:*:release_wave_2:*:*:on-premise:*:*:*",
"versionEndExcluding": "App Build 15.17.48428, Platform Build 15.0.48",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2020:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 17.17.38111, Platform Build 17.0.38061",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2020:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 16.19.35126, Platform Build 16.35120",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2022:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 20.8.49971, Platform Build 20.0.49947",
"versionStartIncluding": "20.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2021:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 19.14.49970, Platform Build 19.0.49925",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2022:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 21.2.49990, Platform Build 21.0.49984",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2021:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 18.18.46920, Platform Build 18.0.46905",
"versionStartIncluding": "18.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2013_R2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52297",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-12-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T17:49:27.342Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127"
}
],
"title": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41127",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-09-19T00:00:00",
"dateUpdated": "2025-07-22T17:49:27.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41066 (GCVE-0-2022-41066)
Vulnerability from cvelistv5 – Published: 2022-11-09 00:00 – Updated: 2025-01-02 21:31
VLAI?
Title
Microsoft Business Central Information Disclosure Vulnerability
Summary
Microsoft Business Central Information Disclosure Vulnerability
Severity ?
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics NAV 2018 |
Affected:
1.0 , < 49345
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Business Central Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41066"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2018",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "49345",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central Spring 2019 Update",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 14.42.49347, Platform Build 14.0",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.1.48638, Platform Build 21.0.",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 20.7.48483, Platform Build 20.0.",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.2.49990, Platform Build 21.0",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav:*:*:*:*:*:*:*:*",
"versionEndExcluding": "49345",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:spring_update:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 14.42.49347, Platform Build 14.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.1.48638, Platform Build 21.0.",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 20.7.48483, Platform Build 20.0.",
"versionStartIncluding": "20.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.2.49990, Platform Build 21.0",
"versionStartIncluding": "19.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-11-08T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Business Central Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T21:31:52.861Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Business Central Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41066"
}
],
"title": "Microsoft Business Central Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41066",
"datePublished": "2022-11-09T00:00:00",
"dateReserved": "2022-09-19T00:00:00",
"dateUpdated": "2025-01-02T21:31:52.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21380 (GCVE-0-2024-21380)
Vulnerability from nvd – Published: 2024-02-13 18:02 – Updated: 2025-05-03 01:37
VLAI?
Title
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Summary
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Severity ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics 365 Business Central 2022 Release Wave 2 |
Affected:
21.0.0 , < Application Build 21.16.63199, Platform Build 21.0
(custom)
|
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T18:41:20.437790Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T18:01:02.522Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.16.63199, Platform Build 21.0",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 22.10.63195, Platform Build 22.0",
"status": "affected",
"version": "22.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2023 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 23.4.15715, Platform Build 23.0.",
"status": "affected",
"version": "23.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.16.63199, Platform Build 21.0",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 22.10.63195, Platform Build 22.0",
"versionStartIncluding": "22.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 23.4.15715, Platform Build 23.0.",
"versionStartIncluding": "23.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-02-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T01:37:39.965Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380"
}
],
"title": "Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-21380",
"datePublished": "2024-02-13T18:02:43.563Z",
"dateReserved": "2023-12-08T22:45:20.452Z",
"dateUpdated": "2025-05-03T01:37:39.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41127 (GCVE-0-2022-41127)
Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
VLAI?
Title
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Summary
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics NAV 2016 |
Affected:
1.0 , < Build 52203
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 52203",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2017",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 30712",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2018",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Build 49497",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2015",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "52204",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central Spring 2019 Update",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 14.43.49498, Platform Build 14.0.49494",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 15.17.48428, Platform Build 15.0.48",
"status": "affected",
"version": "15.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 17.17.38111, Platform Build 17.0.38061",
"status": "affected",
"version": "17.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 16.19.35126, Platform Build 16.35120",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 20.8.49971, Platform Build 20.0.49947",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 19.14.49970, Platform Build 19.0.49925",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 21.2.49990, Platform Build 21.0.49984",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "App Build 18.18.46920, Platform Build 18.0.46905",
"status": "affected",
"version": "18.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2013 R2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "52297",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 52203",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2017:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 30712",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2018:*:*:*:*:*:*:*:*",
"versionEndExcluding": "Build 49497",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2015:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52204",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2019:*:spring_update:*:*:*:*:*:*",
"versionEndExcluding": "App Build 14.43.49498, Platform Build 14.0.49494",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2019:*:release_wave_2:*:*:on-premise:*:*:*",
"versionEndExcluding": "App Build 15.17.48428, Platform Build 15.0.48",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2020:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 17.17.38111, Platform Build 17.0.38061",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2020:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 16.19.35126, Platform Build 16.35120",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2022:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 20.8.49971, Platform Build 20.0.49947",
"versionStartIncluding": "20.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2021:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 19.14.49970, Platform Build 19.0.49925",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2022:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "App Build 21.2.49990, Platform Build 21.0.49984",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central_2021:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "App Build 18.18.46920, Platform Build 18.0.46905",
"versionStartIncluding": "18.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav_2013_R2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "52297",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-12-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T17:49:27.342Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127"
}
],
"title": "Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41127",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-09-19T00:00:00",
"dateUpdated": "2025-07-22T17:49:27.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41066 (GCVE-0-2022-41066)
Vulnerability from nvd – Published: 2022-11-09 00:00 – Updated: 2025-01-02 21:31
VLAI?
Title
Microsoft Business Central Information Disclosure Vulnerability
Summary
Microsoft Business Central Information Disclosure Vulnerability
Severity ?
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics NAV 2018 |
Affected:
1.0 , < 49345
(custom)
|
||||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Business Central Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41066"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics NAV 2018",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "49345",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Dynamics 365 Business Central Spring 2019 Update",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 14.42.49347, Platform Build 14.0",
"status": "affected",
"version": "14.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.1.48638, Platform Build 21.0.",
"status": "affected",
"version": "21.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 20.7.48483, Platform Build 20.0.",
"status": "affected",
"version": "20.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "Application Build 21.2.49990, Platform Build 21.0",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:dynamics_nav:*:*:*:*:*:*:*:*",
"versionEndExcluding": "49345",
"versionStartIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:spring_update:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 14.42.49347, Platform Build 14.0",
"versionStartIncluding": "14.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.1.48638, Platform Build 21.0.",
"versionStartIncluding": "21.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_1:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 20.7.48483, Platform Build 20.0.",
"versionStartIncluding": "20.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:dynamics_365_business_central:*:release_wave_2:*:*:*:*:*:*",
"versionEndExcluding": "Application Build 21.2.49990, Platform Build 21.0",
"versionStartIncluding": "19.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-11-08T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Business Central Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T21:31:52.861Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Business Central Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41066"
}
],
"title": "Microsoft Business Central Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41066",
"datePublished": "2022-11-09T00:00:00",
"dateReserved": "2022-09-19T00:00:00",
"dateUpdated": "2025-01-02T21:31:52.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}