CVE-2024-0490: CWE-200 Information Disclosure in Huaxia ERP

Medium
Tags: Vulnerability, CVE-2024-0490, cve, cve-2024-0490, cwe-200
Published: Sat Jan 13 2024 (01/13/2024, 14:00:05 UTC)
Source: CVE Database V5
Vendor/Project: Huaxia
Product: ERP

Description

A vulnerability was found in Huaxia ERP up to 3.1. It has been rated as problematic. This issue affects some unknown processing of the file /user/getAllList. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-250595.

AI-Powered Analysis

Last updated: 07/04/2025, 14:56:46 UTC

Technical Analysis

CVE-2024-0490 is a medium-severity information disclosure vulnerability affecting Huaxia ERP versions up to 3.1. The vulnerability is classified under CWE-200, which pertains to unintended information exposure. Specifically, the flaw exists in the processing of the endpoint /user/getAllList, where improper handling allows an unauthenticated remote attacker to retrieve sensitive information without authorization. The vulnerability does not require any user interaction or privileges, making it remotely exploitable over the network with low attack complexity. The disclosed information could include user lists or other sensitive data managed by the ERP system, potentially aiding attackers in further reconnaissance or targeted attacks. The vendor has addressed this issue in version 3.2, and upgrading to this version mitigates the vulnerability. Although no public exploits have been confirmed in the wild yet, the exploit details have been publicly disclosed, increasing the risk of exploitation by opportunistic attackers. The CVSS v3.1 base score is 5.3, reflecting a medium severity due to the confidentiality impact without affecting integrity or availability.

Potential Impact

For European organizations using Huaxia ERP, this vulnerability poses a risk of unauthorized disclosure of sensitive user or business data. Such information leakage can facilitate further attacks such as social engineering, privilege escalation, or targeted intrusion campaigns. The impact is particularly significant for organizations handling critical business operations, personal data under GDPR, or intellectual property. Disclosure of user lists or internal data could lead to reputational damage, regulatory fines, and loss of customer trust. Since the attack vector is remote and requires no authentication, organizations with exposed ERP interfaces are at heightened risk. The vulnerability does not directly impact system integrity or availability but compromises confidentiality, which is a critical security pillar for enterprise resource planning systems.

Mitigation Recommendations

European organizations should prioritize upgrading Huaxia ERP installations to version 3.2 or later to remediate this vulnerability. Until upgrades are applied, organizations should restrict external access to the /user/getAllList endpoint using network-level controls such as firewalls or VPNs. Implementing strict access control policies and monitoring access logs for unusual requests targeting this endpoint can help detect exploitation attempts. Additionally, organizations should conduct regular security assessments and penetration tests focusing on ERP systems to identify similar weaknesses. Employing web application firewalls (WAFs) with custom rules to block suspicious requests to the affected endpoint can provide temporary protection. Finally, ensure that sensitive data exposure is minimized by reviewing ERP configurations and applying the principle of least privilege for data access within the system.
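As an added example (not code from the advisory or from the Huaxia ERP project), the log review the paragraph above recommends: a small Python check that parses combined-format access logs and reports successful retrievals of /user/getAllList by clients outside an assumed set of trusted networks. The trusted ranges and the sample log lines are constructed for this example.

```python
import ipaddress
import re

# Endpoint named in the advisory; the trusted networks are an assumption for this example.
AFFECTED_PATH = "/user/getAllList"
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]

# Common/combined access-log format as written by nginx and Apache.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)')

def parse_line(line):
    """Parse one access-log line into a dict; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    rec["path"] = rec["path"].split("?", 1)[0]  # ignore the query string when matching the path
    return rec

def is_trusted(ip):
    """True if the client address lies inside one of the allowed networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in TRUSTED_NETS)

def find_suspicious(lines):
    """(ip, timestamp, size) for each request to the affected endpoint from outside the
    trusted networks that got a 200 with a body: the case where data actually left."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["path"] != AFFECTED_PATH or is_trusted(rec["ip"]):
            continue
        if rec["status"] == 200 and rec["size"] > 0:
            hits.append((rec["ip"], rec["ts"], rec["size"]))
    return hits

# Constructed sample lines (not real traffic); RFC 5737 documentation addresses stand in for external clients.
SAMPLE_LOG = [
    '10.1.2.3 - - [14/Jan/2024:09:12:01 +0000] "GET /user/getAllList HTTP/1.1" 200 18422',
    '203.0.113.7 - - [14/Jan/2024:09:13:44 +0000] "GET /user/getAllList HTTP/1.1" 200 18422',
    '198.51.100.9 - - [14/Jan/2024:09:14:02 +0000] "GET /user/getAllList?page=1 HTTP/1.1" 403 -',
    '198.51.100.9 - - [14/Jan/2024:09:14:05 +0000] "GET /login HTTP/1.1" 200 1203',
]
```

Only the second sample line is reported: the first comes from a trusted network and the third was refused, so no user data left the system in those cases.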

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2024-01-12T11:58:14.013Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 683f034b182aa0cae27e6699

Added to database: 6/3/2025, 2:14:35 PM

Last enriched: 7/4/2025, 2:56:46 PM

Last updated: 8/12/2025, 2:47:28 AM
