PT-2023-13980 · Sage · Sage 300

Name of the Vulnerable Software and Affected Versions: Sage 300 versions through 2022 Description: The issue involves the use of a hard-coded 40-byte blowfish key for encrypting and decrypting user passwords and SQL connection strings stored in ISAM database files. This could allow attackers to...

Sage Group Sage 300 信任管理问题漏洞

Sage Group Sage 300 is a well-established, closed-source enterprise resource planning ERP solution from Sage Group UK designed to facilitate business management. A security vulnerability exists in Sage Group Sage 300 version 2022 and prior versions that stems from the use of a hard-coded puffer k...

Fortinet FortiAuthenticator WEB UI 信任管理问题漏洞

The Fortinet FortiAuthenticator WEB UI is the web interface for a centralized user identity management solution from Fortinet, Inc. A security vulnerability exists in FortiAuthenticator that arises from the use of hard-coded keys to encrypt configuration files, debug logs, and password data. The...