Recently Identified Security Vulnerability in Sage Enterprise Intelligence

By: | Category: ERP

On September 7, 2022, Sage sent out an email informing users of Sage Enterprise Intelligence (SEI) that a security vulnerability was identified during testing of SEI.

Note: The security vulnerability does not affect customers using SEI’s latest releases (version 2022 R1 and beyond).

What Security Vulnerability Was Identified?

The Nectari team recently discovered that existing SEI users, with expertise in coding, could potentially make an update providing them with unauthorized access to additional data in SEI. Nectari has issued a hotfix which is available for SEI version 9.5 and above.

Note: Per our conversation with Nectari, while Net at Work is recommending scheduling this hotfix with your team, there is no critical need to do so.

What Should You Do Next?

Per your organization’s security policy and its process to address vulnerabilities, we encourage you to reach out to Net at Work’s helpdesk and/or your Project Manager/Team Manager/SEI Consultant to further assist you with answering additional questions and scheduling the installation of the hotfix/patch for your specific version of SEI.

Note: Customers who are currently implementing a new version of SEI (2022 R1 and beyond) or upgrading SEI are not affected by the security vulnerability. If you are not LIVE with SEI you may choose to install/update to the latest version released on August 31, 2022 (2022 R1.2)

How Will Net At Work Assist?

In coming days Net at Work’s Account Managers, Team Managers, and/or Project Managers will reach out to affected customers and schedule the installation of the hotfix/patch.

What Are Your Options?

As an SEI Customer, you have 2 options:

  • Option 1: Upgrade SEI to the latest version released on August 31st, 2022 (2022 R1.2)
  • Option 2: Install the hotfix/patch for versions 9.5 and above (2021 R1.x, 2021 R2.x). Note: Net at Work is recommending to upgrade for customers using version 9.5.x.

How Much Downtime Should You Expect?

  • Option 1 : The upgrade is a small project. Please reach out to your Team Manager or Account Manager for an estimate of downtime. On average, we anticipate the upgrade to take 4 to 8 hours of work. However, for a select few, it may take longer based on the current installation configuration and the security requirements of your organization.
  • Option 2: The hotfix requires about 2 hours to install for most customers. Again, for a select few, it may take longer based on the current installation configuration and the security requirements of your organization.

Should you have any additional question regarding the recently identified security vulnerability for SEI, please contact your Account Manager directly or you can complete our Contact Us form to have the team reach out to you.