CVE-2024-48647

Name of the Vulnerable Software and Affected Versions Sage 1000 version 7.0.0

Description A file disclosure issue exists, allowing remote attackers to retrieve arbitrary files from the server's file system by manipulating the URL parameter in HTTP requests. This could lead to access of sensitive information, including configuration files that may contain credentials and system settings, potentially compromising the server further.

Recommendations For Sage 1000 version 7.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.