Security Bulletin SC2024-001-619349 Description: This article reports a critical vulnerability (SC2024-001-619349) in Sitecore software related to the risk of unauthenticated arbitrary file reads, for which there is a solution available. Affected Software: Experience Platform Applies To: 8.0 rev. 141212 (Initial Release) + Reference Number: 619349 Sitecore Categories: Cloud: Managed Cloud Standard, Cloud: Managed Cloud Premium Publication Date: August 5, 2024 Last Updated: September 12, 2024 Impact: The vulnerability impacts the following Sitecore products: Experience Manager (XM) Experience Platform (XP) Experience Commerce (XC) Managed Cloud XM Cloud Content Hub CDP and Personalize (formerly Boxever) OrderCloud (formerly Four51 OrderCloud) Storefront (formerly Four51 Storefront) Moosend Send Discover (formerly Reflektion) Search Commerce Server Notes: The vulnerability impacts all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release to 10.4 Initial Release. The issue affects Content Management (CM) and Standalone instances. PaaS solutions and containerized solutions are also affected. Managed Cloud customers who run the affected Experience Platform versions are affected. Only Content Management (CM)