News and Announcements icon

Dynamics 365 CommunityForums Microsoft Dynamics NAV (Archived) Dynamics NAV 2009 R2 S...

Microsoft Dynamics NAV (Archived)

Dynamics NAV 2009 R2 Security Issues

(1) Share

Report

Report

Posted on by Anil Kumar Kurra

244

Hi,

One of Client using NAV 2009 R2 Classic client. They had done penetration testing from the internal network and they use Windows Authentication. They had found few security issues. One of them is they mentioned "Inadequate access Controls in Place". It means Pentester is able to intercept TCP data and capture the SID of any user – userID is also exposed. Therefore, any login can be intercepted and also for existing users with lower level of access, they are able to elevate their access with the same process.

There are few other points but this is critical? Is there any way we can address this.

I understand NAV only adds security on to top of SQL Server. It's purely not Navision issues.

Any comments? Appreciate your help.

Thank you!

Regards,
Anil

*This post is locked for comments

All responses Img

All responses (0)

Answers Img

Answers (0)

Helpful resources

News and Announcements

Announcing Category Subscriptions!

Quick Links

Leaderboard

#1

André Arnaud de Cal... 291,359 Super User 2024 Season 2

#2

Martin Dráb 230,370 Most Valuable Professional

#3

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans