Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Protocol Downgrade in Comarch ERP XL
Vulnerability Description
Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects ERP XL: from 2020.2.2 through 2023.2.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
对异常条件的处理不恰当
Vulnerability Title
Comarch ERP XL 安全漏洞
Vulnerability Description
Comarch ERP XL是波兰Comarch公司的一款企业资源规划(ERP)软件。 Comarch ERP XL 2020.2.2版本至2023.2版本存在安全漏洞,该漏洞源于容易受到来自服务器端的MS SQL协议降级请求的影响,可能导致未加密的通信容易受到数据拦截和修改。
CVSS Information
N/A
Vulnerability Type
N/A