Dynamics 365 Business Central Microsoft Dynamics 365 Business Central

Do you want an email whenever new security vulnerabilities are reported in Microsoft Dynamics 365 Business Central?

Recent Microsoft Dynamics 365 Business Central Security Advisories

Advisory Title Published
CVE-2024-35248 CVE-2024-35248 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability July 9, 2024
CVE-2024-35249 CVE-2024-35249 Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability July 9, 2024
CVE-2022-41127 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability December 13, 2022

By the Year

In 2024 there have been 3 vulnerabilities in Microsoft Dynamics 365 Business Central with an average score of 8.0 out of ten. Last year Dynamics 365 Business Central had 1 security vulnerability published. That is, 2 more vulnerabilities have already been reported in 2024 as compared to last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.83.

Year Vulnerabilities Average Score
2024 3 8.03
2023 1 7.20
2022 2 6.45
2021 4 6.23
2020 3 7.83
2019 0 0.00
2018 0 0.00

It may take a day or so for new Dynamics 365 Business Central vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Dynamics 365 Business Central Security Vulnerabilities

Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability

CVE-2024-35249 8.8 - High - June 11, 2024

Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

CVE-2024-35248 7.3 - High - June 11, 2024

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

authentification

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability

CVE-2024-21380 8 - High - February 13, 2024

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability

CVE-2023-38167 7.2 - High - August 08, 2023

Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

CVE-2022-41127 8.5 - High - December 13, 2022

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

Microsoft Business Central Information Disclosure Vulnerability

CVE-2022-41066 4.4 - Medium - November 09, 2022

Microsoft Business Central Information Disclosure Vulnerability

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-40440 5.4 - Medium - September 15, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-36946 5.4 - Medium - August 12, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

Dynamics Business Central Remote Code Execution Vulnerability

CVE-2021-34474 8 - High - July 14, 2021

Dynamics Business Central Remote Code Execution Vulnerability

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

CVE-2021-1724 6.1 - Medium - February 25, 2021

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

XSS

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information

CVE-2020-1018 7.5 - High - April 15, 2020

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.

Information Disclosure

A remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-1022 8 - High - April 15, 2020

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Injection

An remote code execution vulnerability exists in Microsoft Dynamics Business Central

CVE-2020-0905 8 - High - March 12, 2020

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Dynamics Nav or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe