VYPR

Business Central

by Microsoft

CVEs (4)

  • CVE-2022-41066Nov 9, 2022
    risk 0.00cvss epss 0.01

    Microsoft Business Central Information Disclosure Vulnerability

  • CVE-2022-2458Aug 9, 2022
    risk 0.00cvss epss 0.01

    XML external entity injection(XXE) is a vulnerability that allows an attacker to interfere with an application's processing of XML data. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. The software…

  • CVE-2019-14839Apr 1, 2022
    risk 0.00cvss epss 0.01

    It was observed that while login into Business-central console, HTTP request discloses sensitive information like username and password when intercepted using some tool like burp suite etc.

  • CVE-2019-14886Mar 5, 2020
    risk 0.00cvss epss 0.00

    A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could…