PT-2020-2239 · Microsoft · Dynamics Business Central+2
Published
2020-04-14
·
Updated
2021-07-21
·
CVE-2020-1022
CVSS v2.0
8.5
High
| Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Dynamics 365 versions (affected versions not specified)
Microsoft Dynamics NAV versions (affected versions not specified)
Microsoft Dynamics Business Central versions (affected versions not specified)
Description
The issue is related to incorrect neutralization of special elements in output used by an incoming component, which can allow a remote attacker to execute arbitrary code.
Recommendations
For Microsoft Dynamics 365, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Microsoft Dynamics NAV, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Microsoft Dynamics Business Central, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dynamics 365
Dynamics Business Central
Dynamics Nav