Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-41397

The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard-coded 40-byte blowfish key ("LandlordPassKey") to encrypt and decrypt secrets stored in configuration files and in database tables.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.9%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2022-41397
  • Sage » Sage 300 » Version: 2017
    cpe:2.3:a:sage:sage_300:2017
  • Sage » Sage 300 » Version: 2019
    cpe:2.3:a:sage:sage_300:2019
  • Sage » Sage 300 » Version: 2020
    cpe:2.3:a:sage:sage_300:2020
  • Sage » Sage 300 » Version: 2021
    cpe:2.3:a:sage:sage_300:2021
  • Sage » Sage 300 » Version: 2022
    cpe:2.3:a:sage:sage_300:2022


Products
Pricing
Contact Us

Shodan ® - All rights reserved