Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-4538

The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. This could allow an attacker with access to that table to retrieve plain text passwords. This issue affects ERP XL: from 2020.2.2 through 2023.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.1%
CVSS Severity
CVSS v3 Score 6.2
Products affected by CVE-2023-4538
  • Comarch » Erp Xl » Version: 2020.2.2
    cpe:2.3:a:comarch:erp_xl:2020.2.2
  • Comarch » Erp Xl » Version: 2022.0
    cpe:2.3:a:comarch:erp_xl:2022.0
  • Comarch » Erp Xl » Version: 2022.0.1
    cpe:2.3:a:comarch:erp_xl:2022.0.1
  • Comarch » Erp Xl » Version: 2022.0.2
    cpe:2.3:a:comarch:erp_xl:2022.0.2
  • Comarch » Erp Xl » Version: 2022.1
    cpe:2.3:a:comarch:erp_xl:2022.1
  • Comarch » Erp Xl » Version: 2023.0
    cpe:2.3:a:comarch:erp_xl:2023.0
  • Comarch » Erp Xl » Version: 2023.1
    cpe:2.3:a:comarch:erp_xl:2023.1
  • Comarch » Erp Xl » Version: 2023.2
    cpe:2.3:a:comarch:erp_xl:2023.2


Products
Pricing
Contact Us

Shodan ® - All rights reserved