{"id":2443,"date":"2021-07-09T19:14:15","date_gmt":"2021-07-09T13:44:15","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=2443"},"modified":"2021-07-09T19:14:18","modified_gmt":"2021-07-09T13:44:18","slug":"multiple-bugs-discovered-in-sage-x3-enterprise-management-software","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/multiple-bugs-discovered-in-sage-x3-enterprise-management-software\/","title":{"rendered":"Multiple Bugs Discovered in Sage X3 Enterprise Management Software"},"content":{"rendered":"\n<p style=\"text-align: justify;\">Four security vulnerabilities have been disclosed in the Sage X3 enterprise resource planning (ERP) product, found during recent proactive testing of the system. Two of them can be chained as part of an attack sequence to allow adversaries to run malicious commands and gain access to a vulnerable system.<\/p>\n\n<p style=\"text-align: justify;\">Sage X3 is targeted at mid-sized companies \u2013 particularly manufacturers and distributors \u2013 that are seeking all-in-one ERP functionality. The system handles sales, inventory, purchasing, customer relationship management, and production in one combined ERP software solution.<\/p>\n\n<p style=\"text-align: justify;\">These flaws were uncovered by researchers from Rapid7, who disclosed their findings to Sage Group on the 3rd of February. The vendor has since rolled out fixes in current releases for Sage X3 Version 9 (Syracuse 9.22.7.2), Sage X3 HR &amp; Payroll Version 9 (Syracuse 9.24.1.3), Sage X3 Version 11 (Syracuse 11.25.2.6), and Sage X3 Version 12 (Syracuse 12.10.2.8), which shipped in March.<\/p>\n\n<h2 class=\"wp-block-heading\"><strong>Below is the List of Vulnerabilities<\/strong><\/h2>\n\n<ul><li>CVE-2020-7388 (CVSS score: 10.0) &#8211; Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in the AdxDSrv.exe component<\/li><li>CVE-2020-7389 (CVSS score: 5.5) &#8211; System &#8220;CHAINE&#8221; Variable Script Command Injection (no fix planned)<\/li><li>CVE-2020-7387 (CVSS score: 5.3) &#8211; Sage X3 Installation Pathname Disclosure<\/li><li>CVE-2020-7390 (CVSS score: 4.6) &#8211; Stored XSS Vulnerability on the &#8216;Edit&#8217; Page of the User Profile<\/li><\/ul>\n\n<p style=\"text-align: justify;\">\u201cWhen combining CVE-2020-7387 and CVE-2020-7388, a threat actor can first learn the installation path of the affected software, then use that information to give commands to the host system to be run in the SYSTEM context,\u201d the researchers said. \u201cThis can permit a threat actor to execute arbitrary operating system commands to create Administrator-level users, install malicious software, and otherwise gain complete access to the system for any purpose.\u201d<\/p>\n\n<h2 class=\"wp-block-heading\"><strong>Critical Authentication Flaw \u2013 Avoiding the Security Vulnerability<\/strong><\/h2>\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"728\" height=\"168\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/07\/Multiple-Bugs-Discovered-in-Sage-X3-Enterprise-Management-Software-image1.jpg\" alt=\"Multiple-Bugs-Discovered-in-Sage-X3-Enterprise-Management-Software-image1.jpg\" class=\"wp-image-2446\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/07\/Multiple-Bugs-Discovered-in-Sage-X3-Enterprise-Management-Software-image1.jpg 728w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/07\/Multiple-Bugs-Discovered-in-Sage-X3-Enterprise-Management-Software-image1-300x69.jpg 300w\" sizes=\"(max-width: 728px) 100vw, 728px\" \/><\/figure><\/div>\n\n<p style=\"text-align: justify;\">One of the most serious flaws is CVE-2020-7388, which abuses an administrative service that\u2019s accessible over the internet: crafted malicious requests sent to this service execute arbitrary commands on the server as the \u201cNT AUTHORITY\/SYSTEM\u201d user. The service in question is used for remote management of the Sage ERP solution through the Sage X3 Console.<\/p>\n\n<p style=\"text-align: justify;\">Moreover, the \u2018Edit\u2019 page associated with user profiles in the Sage X3 Syracuse web server component is vulnerable to a stored XSS attack (CVE-2020-7390), allowing the execution of arbitrary JavaScript code via the \u2018mouseOver\u2019 event handler in the \u2018First name\u2019, \u2018Last name\u2019, and \u2018Email\u2019 fields.<\/p>\n\n<p style=\"text-align: justify;\">\u201cIf successful, however, this vulnerability could permit a regular user of Sage X3 to run privileged events as the currently logged-in administrator or capture administrator session cookies for later impersonation as the currently logged-in administrator,\u201d the researchers noted.<\/p>\n\n<p style=\"text-align: justify;\">Successful exploitation of CVE-2020-7387, on the other hand, results in the disclosure of Sage X3 installation paths to an unauthorized user, while CVE-2020-7389 concerns missing authentication in Syracuse development environments that could be used to gain code execution through command injection.<\/p>\n\n<p style=\"text-align: justify;\">\u201cGenerally speaking, Sage X3 installations should not be exposed directly to the internet, and should instead be made available via a protected VPN connection where needed,\u201d the researchers noted in the disclosure. \u201cFollowing this operational advice efficiently prevents all four vulnerabilities, though customers are still supported in updating according to their usual patch cycle schedules.\u201d<\/p>\n\n<p style=\"text-align: justify;\">Sage has acted quickly to deal with these four vulnerabilities. The process of responsible disclosure has not only worked, but it has also provided Sage time to develop and roll out patches. 
It has also given Sage time to talk to customers and partners to ensure a high level of patch compliance. At the same time, the case brings some concerns into focus.<\/p>\n\n<p style=\"text-align: justify;\">A further concern here is that companies should not get sidetracked by the comment about external access. Doing so would mean they are not paying enough attention to the harm that attacks from inside the network can cause. It is a wake-up call that all organizations need to consider.<\/p>\n","protected":false},"author":2,"featured_media":2445,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head_json":{"title":"Multiple Bugs Discovered in Sage X3 Enterprise Management Software - Xiarch Solutions Private Limited","canonical":"https:\/\/xiarch.com\/blog\/multiple-bugs-discovered-in-sage-x3-enterprise-management-software\/","article_published_time":"2021-07-09T13:44:15+00:00","article_modified_time":"2021-07-09T13:44:18+00:00","author":"Xiarch Security","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"3 minutes"}}}