Описание
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
FAQ
According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability?
While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack.
What privileges could be gained by an attacker who successfully exploited the vulnerability?
The attacker would gain the rights of the user that is running the affected application.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Dynamics 365 Business Central 2023 Release Wave 1 | ||
| Microsoft Dynamics 365 Business Central 2023 Release Wave 2 | ||
| Microsoft Dynamics 365 Business Central 2024 Release Wave 1 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.3 High
CVSS3
Связанные уязвимости
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Уязвимость программного средства для управления малым и средним бизнесом Microsoft Dynamics 365 Business Central, связанная с недостатками процедуры аутентификации, позволяющая нарушителю повысить свои привилегии
EPSS
7.3 High
CVSS3