Sage - Syracuse CVE

Filtered by vendor Sage Subscribe

Filtered by product Syracuse

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-7389	1 Sage	2 Syracuse, X3	2022-07-15	9.0 HIGH	7.2 HIGH
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer access can pass OS commands via this variable used by the web application. Note, this developer configuration should not be deployed in production.

Vulnerabilities (CVE)