Dynamics 365 BC Privilege Escalation via Access Control flaw (CVE-2023-38167)
CVE-2023-38167 Published on August 8, 2023
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-38167 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-38167
Want to know whenever a new CVE is published for Microsoft Dynamics 365 Business Central? stack.watch will email you.
Affected Versions
Microsoft Dynamics 365 Business Central 2023 Release Wave 1:- Version 22.0.0 and below Application Build 22.4.59134, Platform Build 22.0. is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.