KLA20124
ACE vulnerability in Microsoft Dynamics

Обновлено: 09/01/2023
Дата обнаружения
13/12/2022
Уровень угрозы
Critical
Описание

Code execution vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to execute arbitrary code.

Пораженные продукты

Microsoft Dynamics NAV 2016
Microsoft Dynamics NAV 2018
Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)
Microsoft Dynamics 365 Business Central 2021 Release Wave 1
Microsoft Dynamics 365 Business Central 2022 Release Wave 2
Microsoft Dynamics NAV 2017
Microsoft Dynamics 365 Business Central 2021 Release Wave 2
Microsoft Dynamics 365 Business Central 2020 Release Wave 2
Microsoft Dynamics 365 Business Central 2020 Release Wave 1
Microsoft Dynamics 365 Business Central 2022 Release Wave 1
Dynamics 365 Business Central Spring 2019 Update

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2022-41127
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
Microsoft Dynamics 365
KB list

5010202
5019239
5021671
5010910
5021670
5013420
5021672
5021668
5005293
5021669
5001733