CVE-2022-41127

State: PUBLISHED · Published: 2022-12-13 · Updated: 2025-07-22 · Assigner: microsoft

Description

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

CWE

(none)

Affected

Microsoft / Microsoft Dynamics NAV 2016 — v=1.0 <Build 52203 [affected]
Microsoft / Microsoft Dynamics NAV 2017 — v=1.0 <Build 30712 [affected]
Microsoft / Microsoft Dynamics NAV 2018 — v=1.0 <Build 49497 [affected]
Microsoft / Microsoft Dynamics NAV 2015 — v=1.0 <52204 [affected]
Microsoft / Dynamics 365 Business Central Spring 2019 Update — v=14.0.0 <App Build 14.43.49498, Platform Build 14.0.49494 [affected]
Microsoft / Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise) — v=15.0.0 <App Build 15.17.48428, Platform Build 15.0.48 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2020 Release Wave 2 — v=17.0.0 <App Build 17.17.38111, Platform Build 17.0.38061 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2020 Release Wave 1 — v=16.0.0 <App Build 16.19.35126, Platform Build 16.35120 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2022 Release Wave 1 — v=20.0.0 <App Build 20.8.49971, Platform Build 20.0.49947 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2021 Release Wave 2 — v=19.0.0 <App Build 19.14.49970, Platform Build 19.0.49925 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2022 Release Wave 2 — v=21.0.0 <App Build 21.2.49990, Platform Build 21.0.49984 [affected]
Microsoft / Microsoft Dynamics 365 Business Central 2021 Release Wave 1 — v=18.0.0 <App Build 18.18.46920, Platform Build 18.0.46905 [affected]
Microsoft / Microsoft Dynamics NAV 2013 R2 — v=1.0 <52297 [affected]

CVSS

3.1 score=8.5 severity=HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41127 vendor-advisory

Source

cvelistV5-main/cves/2022/41xxx/CVE-2022-41127.json