{"@odata.context":"https://api.msrc.microsoft.com/sug/v2.0/en-US/$metadata#vulnerability/$entity","id":"00000000-0000-0000-0000-0000c9e726cf","releaseDate":"2021-07-13T07:00:00Z","cveNumber":"CVE-2021-34474","cveTitle":"Dynamics Business Central Remote Code Execution Vulnerability","releaseNumber":"2021-Jul","vulnType":"Security Vulnerability","latestRevisionDate":"2021-07-13T07:00:00Z","cweList":[],"mitreText":"CVE-2021-34474","mitreUrl":"https://www.cve.org/CVERecord?id=CVE-2021-34474","publiclyDisclosed":"No","exploited":"No","latestSoftwareReleaseId":2,"latestSoftwareRelease":"Exploitation Less Likely","olderSoftwareReleaseId":2,"olderSoftwareRelease":"Exploitation Less Likely","denialOfService":"N/A","tag":"Dynamics Business Central Control","issuingCna":"Microsoft","severityId":100000000,"severity":"Critical","impactId":100000005,"impact":"Remote Code Execution","langCode":"en-US","baseScore":"8.0","temporalScore":"7.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C","isMariner":false,"articles":[{"articleType":"FAQ","description":"
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). Can the exploit move from Dynamics Business Central to the underlying operating system?
\nAn attacker who successfully exploited this vulnerability could use it to pivot from the machine to the rest of the network.
\n","ordinal":10000}],"revisions":[{"cveNumber":"CVE-2021-34474","version":1.0,"revisionDate":"2021-07-13T07:00:00Z","initialDate":"0001-01-01T00:00:00Z","description":"Information published.
\n","unformattedDescription":"Information published.","notificationNeeded":false,"notificationSent":false,"sourceId":"c1867632-24d4-eb11-a840-000d3a6d3364"}]}