CVE-2022-41127 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

2022-12-1300:00:00

microsoft

www.cve.org

cve-2022-41127

microsoft dynamics

remote code execution

on premises

8.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

8.6 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.0%

JSON

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics NAV 2016",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_nav:2016:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0",
        "lessThan": "Build 52203",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics NAV 2017",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_nav:2017:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0",
        "lessThan": "Build 30712",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics NAV 2018",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_nav:2018:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0",
        "lessThan": "Build 49497",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics NAV 2015",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_nav:2015:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0",
        "lessThan": "52204",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Dynamics 365 Business Central Spring 2019 Update",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2019:spring_update:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "14.0.0",
        "lessThan": "App Build 14.43.49498, Platform Build 14.0.49494",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2019:release_wave_2:*:*:on-premise:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "15.0.0",
        "lessThan": "App Build 15.17.48428, Platform Build 15.0.48",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 2",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2020:release_wave_2:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "17.0.0",
        "lessThan": "App Build 17.17.38111, Platform Build 17.0.38061",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2020 Release Wave 1",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2020:release_wave_1:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "16.0.0",
        "lessThan": "App Build 16.19.35126, Platform Build 16.35120",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 1",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2022:release_wave_1:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "20.0.0",
        "lessThan": "App Build 20.8.49971, Platform Build 20.0.49947",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 2",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2021:release_wave_2:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "19.0.0",
        "lessThan": "App Build 19.14.49970, Platform Build 19.0.49925",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2022 Release Wave 2",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2022:release_wave_2:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "21.0.0",
        "lessThan": "App Build 21.2.49990, Platform Build 21.0.49984",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics 365 Business Central 2021 Release Wave 1",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_365_business_central:2021:release_wave_1:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "18.0.0",
        "lessThan": "App Build 18.18.46920, Platform Build 18.0.46905",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Dynamics NAV 2013 R2",
    "cpes": [
      "cpe:2.3:a:microsoft:dynamics_nav:2013_R2:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0",
        "lessThan": "52297",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]