Lucene search
K

4 matches found

OSV
OSV
added 2023/05/16 8:15 p.m.4 views

CVE-2023-29927

Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connectio...

4.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/05/16 8:15 p.m.15 views

CVE-2023-29927

Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connectio...

4.3CVSS5AI score0.00402EPSS
Exploits0References1
CVE
CVE
added 2023/05/16 12:0 a.m.45 views

CVE-2023-29927

CVE-2023-29927 affects Sage 300 up to 2022. The issue is that role-based access controls are enforced only on the client side, enabling low-privilege users—especially on workstations in Windows Peer-to-Peer or Client-Server Sage 300 configurations—to recover SQL connection strings and directly in...

4.3CVSS5AI score0.00402EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/16 12:0 a.m.8 views

CVE-2023-29927

Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the "Windows Peer-to-Peer Network" or "Client Server Network" Sage 300 configurations, could recover the SQL connectio...

5AI score0.00402EPSS
Exploits0References1
Rows per page
Query Builder