VYPR
Unrated severityNVD Advisory· Published Feb 15, 2024· Updated Aug 2, 2024

Hardcoded password in Comarch ERP XL

CVE-2023-4539

Description

Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Comarch ERP XL installations.

This issue affects ERP XL: from 2020.2.2 through 2023.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Comarch/ERP XLllm-fuzzy2 versions
    >=2020.2.2, <=2023.2+ 1 more
    • (no CPE)range: >=2020.2.2, <=2023.2
    • (no CPE)range: 2020.2.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.