The vulnerability of the ConnectionStrings.config component in the “Terrasoft” CRM system and the “Creatio” BPM system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ConnectionStrings.config component in the “Terrasoft” CRM system and the “Creatio” BPM system is related to incorrect restrictions on the path to the restricted access directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain...