Sage X3 Community:
A Security Alert has recently been brought to our attention. This alert relates to two generic users (ADMCA or ECOMM) that have been supplied by default when installing Sage X3 Version 11 and Sage X3 Version 12 before release 2019 R2. In some rare cases, when Sage X3 Security Best Practices have not been followed, there might be an access path to administration functions on production sites by an elevation of privilege.
This issue has been reported on some environments; thus Sage strongly advises that customers on Sage X3 Version 11 and Sage X3 Version 12 implement the steps outlined in the FAQ (which can be found attached to the KB number below) to eliminate this risk.
This impacts Sage X3 Version 11 and Sage X3 Version 12 before release 2019 R2 (even if the customer has subsequently upgraded to a more recent release).
You can learn more by visiting our Sage Knowledgebase, searching for KBID # 117419, and reviewing the FAQ, Check Tool PDF, and the HF utility.