Dynamics 365 BC Privilege Escalation via Access Control flaw (CVE-2023-38167)
CVE-2023-38167 Published on August 8, 2023
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2023-38167 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2023-38167
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-38167 are published in Microsoft Dynamics 365 Business Central:
Affected Versions
Microsoft Dynamics 365 Business Central 2023 Release Wave 1:- Version 22.0.0 and below Application Build 22.4.59134, Platform Build 22.0. is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.