Comarch Erp Xl
3 CVEs affecting Comarch Erp Xl. Latest disclosed: 2024-02-15. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-4539 | High | 7.5 | 2024-02-15 | Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data s… |
CVE-2023-4537 | High | 7.4 | 2024-02-15 | Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data… |
CVE-2023-4538 | Medium | 6.2 | 2024-02-15 | The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP X… |