CVE-2024-21380

Summary

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Dynamics 365 Business Central 2022 Release Wave 221.0.0 < Application Build 21.16.63199, Platform Build 21.0affected
MicrosoftMicrosoft Dynamics 365 Business Central 2023 Release Wave 122.0.0 < Application Build 22.10.63195, Platform Build 22.0affected
MicrosoftMicrosoft Dynamics 365 Business Central 2023 Release Wave 223.0.0 < Application Build 23.4.15715, Platform Build 23.0.affected

Weaknesses

  • CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References