Elevation of Privilege Vulnerability
CVE-2024-38225
Summary
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Business Central, potentially allowing an attacker to gain unauthorized access to sensitive functionalities within the application. This vulnerability can be exploited by malicious individuals to manipulate the behavior of the application and access resources that should be restricted, compromising the integrity and confidentiality of the environment. It is essential for users of Dynamics 365 Business Central to apply the necessary patches released by Microsoft to mitigate the risk associated with this vulnerability. For more detailed information, refer to the Microsoft advisory.
Affected Version(s)
Microsoft Dynamics 365 Business Central 2023 Release Wave 1 Unknown 22.0.0
Microsoft Dynamics 365 Business Central 2023 Release Wave 2 Unknown 23.0.0
Microsoft Dynamics 365 Business Central 2024 Release Wave 1 Unknown 24.0
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved