Описание
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information.
Уязвимые конфигурации
Конфигурация 1Версия до 2022 (включая)
cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
7.5 High
CVSS3
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information.
EPSS
Процентиль: 25%
0.00087
Низкий
7.5 High
CVSS3
Дефекты
CWE-798
CWE-798