Microsoft Business Central Information Disclosure Vulnerability
CVE-2022-41066

4.4MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Dynamics Nav 2018
Dynamics 365 Business Central Spring 2019 Update
Microsoft Dynamics 365 Business Central 2022 Release Wave 2
Microsoft Dynamics 365 Business Central 2022 Release Wave 1
Vendor
CVE Published:
9 November 2022

Summary

Microsoft Business Central Information Disclosure Vulnerability

Affected Version(s)

Dynamics 365 Business Central Spring 2019 Update Unknown 14.0.0

Microsoft Dynamics 365 Business Central 2021 Release Wave 2 Unknown 19.0.0

Microsoft Dynamics 365 Business Central 2022 Release Wave 1 Unknown 20.0.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

0% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.