What is the severity of CVE-2020-1018?

CVE-2020-1018 has a severity rating of 'Important' according to Microsoft.

How do I fix CVE-2020-1018?

To fix CVE-2020-1018, ensure you apply the latest security updates provided by Microsoft for affected versions of Dynamics 365 Business Central and NAV.

What type of vulnerability is CVE-2020-1018?

CVE-2020-1018 is classified as an information disclosure vulnerability.

Which software is affected by CVE-2020-1018?

CVE-2020-1018 affects multiple versions of Microsoft Dynamics 365 Business Central and NAV, including versions 2015 through 2019 Spring Update.

Can CVE-2020-1018 be exploited remotely?

Yes, an attacker can exploit CVE-2020-1018 remotely if they have authorized access to view the records in the affected software.

Vulnerability/
CVE-2020-1018

high

7.5

CWE

200

15/4/2020

4/8/2024

CVE-2020-1018: Infoleak

First published: Wed Apr 15 2020(Updated: )

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information that are in a masked field.The security update addresses the vulnerability by updating the rendering engine the Windows client to properly detect masked fields and render the content as masked., aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'.

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Dynamics 365 Business Central
Microsoft Dynamics 365 Business Central	=2019-spring_update
Microsoft Dynamics NAV 2018	=2015
Microsoft Dynamics NAV 2018	=2016
Microsoft Dynamics NAV 2018	=2017
Microsoft Dynamics NAV 2018	=2018

Remedy

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1018

Never miss a vulnerability like this again

Reference Links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1018

Frequently Asked Questions

What is the severity of CVE-2020-1018?
CVE-2020-1018 has a severity rating of 'Important' according to Microsoft.
How do I fix CVE-2020-1018?
To fix CVE-2020-1018, ensure you apply the latest security updates provided by Microsoft for affected versions of Dynamics 365 Business Central and NAV.
What type of vulnerability is CVE-2020-1018?
CVE-2020-1018 is classified as an information disclosure vulnerability.
Which software is affected by CVE-2020-1018?
CVE-2020-1018 affects multiple versions of Microsoft Dynamics 365 Business Central and NAV, including versions 2015 through 2019 Spring Update.
Can CVE-2020-1018 be exploited remotely?
Yes, an attacker can exploit CVE-2020-1018 remotely if they have authorized access to view the records in the affected software.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/last-modified-date
agent/references
agent/author
agent/weakness
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/microsoft
canonical/microsoft dynamics 365 business central
version/microsoft dynamics 365 business central/2019-spring_update
canonical/microsoft dynamics nav 2018
version/microsoft dynamics nav 2018/2015
version/microsoft dynamics nav 2018/2016
version/microsoft dynamics nav 2018/2017
version/microsoft dynamics nav 2018/2018

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.