Описание
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
FAQ
According to the CVSS metric, privileges required is high (PR:H). What privileges does an attacker require to exploit this vulnerability?
Successful exploitation of this vulnerability requires an attacker to already have admin or high privilege access to a security group within the tenant.
Is the update for Microsoft Dynamics 365 Business Central 2023 Release Wave 1 listed in this vulnerability currently available?
The security update for Microsoft Dynamics 365 Business Central 2023 Release Wave 1 is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.
August 15. 2023 Update: The security update for Microsoft Dynamics 365 Business Central 2023 Release Wave 1 is now available. Customers running Microsoft Dynamics 365 Business Central 2023 Release Wave 1 should install the update to be protected from the vulnerability.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Dynamics 365 Business Central 2023 Release Wave 1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
7.2 High
CVSS3
Связанные уязвимости
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Microsoft Dynamics Business Central Elevation Of Privilege Vulnerability
Уязвимость программного средства для управления малым и средним бизнесом Microsoft Dynamics 365 Business Central, позволяющая нарушителю повысить свои привилегии
EPSS
7.2 High
CVSS3