Apr 2020:
CVE-2020-1018 Published on April 15, 2020

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.

NVD


Products Associated with CVE-2020-1018

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-1018 are published in these products:

Microsoft Dynamics 365 Business Central
 
Microsoft Dynamics Nav
 

Affected Versions

Microsoft Dynamics NAV 2016: Microsoft Dynamics NAV 2017: Microsoft Dynamics NAV 2018: Microsoft Dynamics NAV 2015: Microsoft Dynamics 365 BC On Premise: Microsoft Dynamics 365 Business Central 2019 Spring Update:

Exploit Probability

EPSS
3.92%
Percentile
88.07%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.