CVE-2020-7389
Sage X3 Syracuse Missing Authentication for Critical Function in Developer Environment
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Affected products
Sage · X3Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →