We have recently uncovered a critical vulnerability in the AhsayCBS API (Application Programming Interface) system, which exposes some versions of AhsayCBS v7 and AhsayCBS v8 to a very high risk of malicious attack and loss of data.
The vulnerability could potentially allow a malicious attacker to:
The vulnerabilities only affect AhsayCBS v7 and AhsayCBS v8 servers, it does not affect the AhsayOBM/AhsayACB v7 and v8 clients, and therefore no action is required for AhsayOBM/AhsayACB clients.
However, we do recommend partners consider upgrading AhsayOBM/AhsayACB clients to the latest versions to take advantage of the latest available bug fixes and enhancements.
All affected partners:
Please make sure you have valid maintenance before upgrading to the latest release. Otherwise, your AhsayCBS service will stop functioning due to “Support Expired” error. Please contact a member our Sales team firstname.lastname@example.org for assistance with maintenance related issues.
i. If your current version is NOT AhsayCBS v18.104.22.168 or above.
ii. If your current version is AhsayCBS v22.214.171.124 or above.
If your current version is NOT AhsayCBS v126.96.36.199 or above, please refer to the following KB article for upgrade instructions:
Stop! Do not upgrade until you contact a member our Sales Team at email@example.com for assistance with your maintenance renewal.
Our professional service team is ready to provide immediate assistance to partners with AhsayCBS v7 and AhsayCBS v8 upgrades.
Please contact a member our Sales Team at firstname.lastname@example.org to obtain a quotation for the AhsayCBS upgrade service.