CVE-2023-4539

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 15, 2024

CWE ID 79

Summary

CVE-2023-4539 is a vulnerability in Comarch ERP XL, affecting versions from 2020.2.2 to 2023.2. The issue stems from a hard-coded password used for a database account created during installation. An attacker can exploit this weakness to gain unauthorized access and retrieve sensitive data stored in the database. All Comarch ERP XL installations use the same password, increasing the risk for potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s8JcH1
https://www.cve.org/CVERecord?id=CVE-2023-4539
https://nvd.nist.gov/vuln/detail/CVE-2023-4539

Back to Vulnerability Database

CVE-2023-4539

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations