CVE-2022-41066

4 documents4 sources
Severity
4.4MEDIUM
EPSS
2.3%
top 15.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Microsoft Dynamics 365 Business Central Spring 2019 UpdateMicrosoft Microsoft Dynamics 365 Business Central 2021 Release Wave 2Microsoft Microsoft Dynamics 365 Business Central 2022 Release Wave 1+6 more
Timeline
PublishedNov 9
Latest updateNov 10

Description

Microsoft Business Central Information Disclosure Vulnerability

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.7 | Impact: 3.6

Affected Packages9 packages

NVDmicrosoft/dynamics_365_business_central_202221.1.4863821.1.48638+1
CVEListV5microsoft/dynamics_365_business_central_spring_2019_update14.0.0Application Build 14.42.49347, Platform Build 14.0
CVEListV5microsoft/microsoft_dynamics_365_business_central_2021_release_wave_219.0.0Application Build 21.2.49990, Platform Build 21.0
CVEListV5microsoft/microsoft_dynamics_365_business_central_2022_release_wave_120.0.0Application Build 20.7.48483, Platform Build 20.0.

🔴Vulnerability Details

2
GHSA
GHSA-33m5-rgm6-r8x3: Microsoft Business Central Information Disclosure Vulnerability2022-11-10
CVEList
Microsoft Business Central Information Disclosure Vulnerability2022-11-09

📋Vendor Advisories

1
Microsoft
Microsoft Business Central Information Disclosure Vulnerability2022-11-08
CVE-2022-41066 (MEDIUM CVSS 4.4) | Microsoft Business Central Informat | cvebase.io