The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow malicious users to login to the Solr dashboard with admin privileges and access sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sage sage 300 |