This is a notification for product news or an alert. If you have a question, please start a new discussion

ALERT: Sage X3 VT Web Server is posted (Security Hot Fix)

This released component corrects the following security issues:

  • CVE-2023-38545 (High Severity) and CVE-2023-38546 (Low Severity): Curl and libcurl vulnerabilities.
  • CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat.
  • IMPORTANT: It is HIGHLY RECOMMENDED that security fixes be assessed and applied immediately.

To access this download, visit our Sage Knowledgebase Site HERE, then scroll down to locate the 2023R2 (12.0.34) downloads. Once you select the download link, you will be prompted to login to your Sage Portal Account. Scroll down on Patch 2023R2 to Related resources and you will find the list of additional components. locate Sage X3 VT Web to jump to its download page.

Note: The Sage X3 VT Web Server 2.42.1 has been replaced with the current version of the download (, as seen under related resources.