Описание
Microsoft Business Central Information Disclosure Vulnerability
FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.
According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to compromise admin credentials on the device.
What type of information could be disclosed by this vulnerability?
An attacker who successfully exploited this vulnerability could use it to view integration secrets that are owned by a different partner.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Dynamics NAV 2018 | ||
| Dynamics 365 Business Central Spring 2019 Update | ||
| Microsoft Dynamics 365 Business Central 2022 Release Wave 2 | ||
| Microsoft Dynamics 365 Business Central 2022 Release Wave 1 | ||
| Microsoft Dynamics 365 Business Central 2021 Release Wave 2 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
4.4 Medium
CVSS3
Связанные уязвимости
Microsoft Business Central Information Disclosure Vulnerability
Microsoft Business Central Information Disclosure Vulnerability.
Уязвимость программного средства для управления малым и средним бизнесом Microsoft Dynamics 365 Business Central и интегрированной системы управления предприятием Microsoft Dynamics NAV, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
4.4 Medium
CVSS3