CVE-2024-44219

Infor · Multiple Products

A permissions issue in multiple Infor products has been addressed with additional restrictions to prevent unauthorized access.

Executive summary

Multiple Infor products are affected by a high-severity permissions vulnerability that could allow unauthorized users to access restricted resources or functions.

Vulnerability

This vulnerability is a permissions issue in which access controls were insufficiently enforced. An authenticated user could exploit this flaw to bypass intended restrictions and gain access to sensitive data or administrative capabilities.

Business impact

Failure to enforce permissions properly can lead to unauthorized data disclosure and privilege escalation. With a CVSS score of 7.5, this high-severity vulnerability could result in the compromise of sensitive business information and the loss of data integrity, potentially leading to regulatory non-compliance and financial loss.

Remediation

Immediate Action: Apply the vendor-provided security updates immediately to implement the necessary permission restrictions.

Proactive Monitoring: Review user access logs and permission change history for any signs of unauthorized activity or privilege escalation attempts.

Compensating Controls: Enforce the principle of least privilege (PoLP) across all Infor applications to minimize the impact of any single account compromise.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Organizations using Infor products must prioritize the application of these security updates. Strengthening access controls is a fundamental security requirement, and this patch is critical to preventing unauthorized lateral movement within the application.