web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics NAV (Archived) / Dynamics NAV 2009 R2 S...
Microsoft Dynamics NAV (Archived)

Dynamics NAV 2009 R2 Security Issues

(1) ShareShare
ReportReport
Posted on by Anil Kumar Kurra 246

Hi,

One of Client using NAV 2009 R2 Classic client. They had done penetration testing from the internal network and they use Windows Authentication. They had found few security issues. One of them is they mentioned "Inadequate access Controls in Place". It means Pentester is able to intercept TCP data and capture the SID of any user – userID is also exposed. Therefore, any login can be intercepted and also for existing users with lower level of access, they are able to elevate their access with the same process.

There are few other points but this is critical? Is there any way we can address this.

I understand NAV only adds security on to top of SQL Server. It's purely not Navision issues.

Any comments? Appreciate your help.

Thank you!

Regards,
Anil

*This post is locked for comments

I have the same question (0)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics NAV (Archived)

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans