Microsoft Dynamics 365 Business Central

Do you want an email whenever new security vulnerabilities are reported in Microsoft Dynamics 365 Business Central?

Recent Microsoft Dynamics 365 Business Central Security Advisories

Advisory	Title	Published
CVE-2022-41127	Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability	December 13, 2022

By the Year

In 2023 there have been 1 vulnerability in Microsoft Dynamics 365 Business Central with an average score of 7.2 out of ten. Last year Dynamics 365 Business Central had 2 security vulnerabilities published. Right now, Dynamics 365 Business Central is on track to have less security vulnerabilities in 2023 than it did last year. However, the average CVE base score of the vulnerabilities in 2023 is greater by 0.75.

Year	Vulnerabilities	Average Score
2023	1	7.20
2022	2	6.45
2021	4	5.70
2020	3	7.83
2019	0	0.00
2018	0	0.00

It may take a day or so for new Dynamics 365 Business Central vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Dynamics 365 Business Central Security Vulnerabilities

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability

CVE-2023-38167 7.2 - High - August 08, 2023

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

CVE-2022-41127 8.5 - High - December 13, 2022

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

Microsoft Business Central Information Disclosure Vulnerability

CVE-2022-41066 4.4 - Medium - November 09, 2022

Microsoft Business Central Information Disclosure Vulnerability

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-40440 5.4 - Medium - September 15, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-36946 5.4 - Medium - August 12, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

Dynamics Business Central Remote Code Execution Vulnerability

CVE-2021-34474 7.2 - High - July 14, 2021

Dynamics Business Central Remote Code Execution Vulnerability

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-1724 4.8 - Medium - February 25, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information

CVE-2020-1018 7.5 - High - April 15, 2020

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-1022 8 - High - April 15, 2020

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Injection

An remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-0905 8 - High - March 12, 2020

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Dynamics Nav or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Dynamics 365 Business Central
Product

Microsoft Dynamics 365 Business Central

Recent Microsoft Dynamics 365 Business Central Security Advisories

By the Year

Recent Microsoft Dynamics 365 Business Central Security Vulnerabilities

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability CVE-2023-38167 7.2 - High - August 08, 2023

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability CVE-2022-41127 8.5 - High - December 13, 2022

Microsoft Business Central Information Disclosure Vulnerability CVE-2022-41066 4.4 - Medium - November 09, 2022

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability CVE-2021-40440 5.4 - Medium - September 15, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability CVE-2021-36946 5.4 - Medium - August 12, 2021

Dynamics Business Central Remote Code Execution Vulnerability CVE-2021-34474 7.2 - High - July 14, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability CVE-2021-1724 4.8 - Medium - February 25, 2021

A remote code execution vulnerability exists in Microsoft Dynamics Business Central CVE-2020-1022 8 - High - April 15, 2020

An remote code execution vulnerability exists in Microsoft Dynamics Business Central CVE-2020-0905 8 - High - March 12, 2020

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft Dynamics 365 Business CentralProduct

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability

CVE-2023-38167 7.2 - High - August 08, 2023

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

CVE-2022-41127 8.5 - High - December 13, 2022

Microsoft Business Central Information Disclosure Vulnerability

CVE-2022-41066 4.4 - Medium - November 09, 2022

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-40440 5.4 - Medium - September 15, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-36946 5.4 - Medium - August 12, 2021

Dynamics Business Central Remote Code Execution Vulnerability

CVE-2021-34474 7.2 - High - July 14, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-1724 4.8 - Medium - February 25, 2021

A remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-1022 8 - High - April 15, 2020

An remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-0905 8 - High - March 12, 2020

Microsoft
Vendor

Microsoft Dynamics 365 Business Central
Product