CVE-2025-29821

EPSS 0.07%
Veröffentlicht 08.04.2025 17:23:31
Zuletzt bearbeitet 12.08.2025 16:09:56
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Dynamics 365 Business Central 2023 SwEditionon-premise Version >= 23.1.13812 < 23.18.32409

Microsoft ≫ Dynamics 365 Business Central 2024 SwEditionon-premise Version < 24.12.32447

Microsoft ≫ Dynamics 365 Business Central 2024 SwEditionon-premise Version >= 25.1.25900 < 25.6.32556

Microsoft ≫ Dynamics 365 Business Central 2025 SwEditionon-premise Version < 26.0.32481

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.226

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secure@microsoft.com	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29821

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-29821

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-29821

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-29821

EUVD