U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:microsoft:dynamics_nav:2017:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 7 matching records.
Displaying matches 1 through 7.
Vuln ID Summary CVSS Severity
CVE-2022-41127

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

Published: December 13, 2022; 2:15:12 PM -0500 		V3.1: 8.5 HIGH
 V2.0:(not available)
CVE-2021-36946

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

Published: August 12, 2021; 2:15:10 PM -0400 		V3.1: 5.4 MEDIUM
 V2.0: 3.5 LOW
CVE-2021-1724

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability

Published: February 25, 2021; 6:15:13 PM -0500 		V3.1: 6.1 MEDIUM
 V2.0: 2.3 LOW
CVE-2020-1022

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Published: April 15, 2020; 11:15:20 AM -0400 		V3.1: 8.0 HIGH
 V2.0: 6.0 MEDIUM
CVE-2020-1018

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.

Published: April 15, 2020; 11:15:20 AM -0400 		V3.1: 7.5 HIGH
 V2.0: 5.0 MEDIUM
CVE-2020-0905

An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'.

Published: March 12, 2020; 12:15:21 PM -0400 		V3.1: 8.0 HIGH
 V2.0: 6.0 MEDIUM
CVE-2018-8651

A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.

Published: December 11, 2018; 7:29:02 PM -0500 		V3.0: 5.4 MEDIUM
 V2.0: 3.5 LOW