CVE-2022-41398 Information

Description

The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information.

Reference

https://www.sage.com/en-ca/products/sage-300/