Vulnerabilities > CVE-2020-0905 - Unspecified vulnerability in Microsoft Dynamics 365 Business Central and Dynamics NAV
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 8 |
Nessus
NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS20_MAR_MICROSOFT_DYNAMICS_365_BC.NASL description The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to an issue with the Role-Tailored Client. An authenticated, remote attacker can exploit this to execute arbitrary commands or elevate privileges. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application last seen 2020-05-15 modified 2020-05-11 plugin id 136472 published 2020-05-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136472 title Security Updates for Microsoft Dynamics 365 Business Central (Mar 2020) NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS20_MAR_MICROSOFT_DYNAMICS_NAV.NASL description The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by a remote code execution vulnerability due to an issue with the Role-Tailored Client. An authenticated, remote attacker can exploit this to execute arbitrary commands or elevate privileges. Note that Nessus has not attempted to exploit this issue but has instead relied only on the application last seen 2020-05-15 modified 2020-05-11 plugin id 136473 published 2020-05-11 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/136473 title Security Updates for Microsoft Dynamics NAV (Mar 2020)