Skip to main content

Posts

Showing posts from February, 2023

Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability

Introduction:  On 11th January 2023, Microsoft announced a vulnerability in NAV 2016, NAV 2017, and Business Central (On-Premise), and the fixes are shared below. Pre-requisites:  Used / Implemented NAV 2016/2017 or Business Central On-Premise Books & References:  CVE-2022-411Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability CVE - CVE-2022-41127 (mitre.org) CVE-2022-41127: Download localized DVDs for Dynamics NAV 2016 and NAV 2017 - Dynamics 365 Business Central Community What is Remote Code Execution (RCE)? - GeeksforGeeks CVE-2022-41127 - Security Update Guide - Microsoft - Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability Details:  NOTE:   THIS VULNERABILITY IS CRITICAL IN NATURE. 1. Vulnerability : Microsoft identified Remote Code Execution Vulnerabilities in NAV 2016, NAV2017, and Business Central On-Premis...

Delete Users from NAV / Business Central

Introduction:  Have you received demo databases from someone? But you do not have the credentials? Read below to find the details. Pre-requisites:  NAV / Business Central OnPermise Demonstration:  NOTE: This step is not recommended for Production Server unless you explicitly need to do so. If you do not have Users in NAV/ Business Central, by default will allow you to add yourself as Administrator. This is needed if you migrate your database from one server to another outside of your AD. 1. Take SQL Backup: You can take SQL Backup by visiting SSMS > Right Click on DB > Tasks > Back Up > Select the File. Once you complete the wizard, your SQL backup file will be created. 2. Clear User Data using SQL Script: You can clear the Users, clear User Personalization, clear Metadata, and other tables USE [YOUR DB NAME] GO delete from [dbo].[User] delete from [dbo].[Access Control] delete from [dbo].[User Property] delete from [dbo].[Page Data Personalization] delete fro...