CVE-2024-2138013.02.2024, 18:15Microsoft Dynamics Business Central/NAV Information Disclosure VulnerabilityEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST8 HIGHNETWORKHIGHLOWCVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HmicrosoftCNA8 HIGHCVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:CCVEADP------CISA-ADPADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 65%Common Weakness EnumerationCWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380