CVE-2021-34474

Summary

Dynamics Business Central Remote Code Execution Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Dynamics 365 Business Central 2020 Release Wave 1 - Update 16.1416.0 < Application: 16.14.27266, Platform: 16.0.27253affected
MicrosoftMicrosoft Dynamics 365 Business Central 2020 Release Wave 2 - Update 17.817.0 < Application: 17.8.27267, Platform: 17.0.27235affected
MicrosoftMicrosoft Dynamics 365 Business Central 2021 Release Wave 1 - Update 18.318.0 < Application: 18.3.27480, Platform: 18.0.27469affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References