Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Shared Key in Comarch ERP XL
Vulnerability Description
The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. This could allow an attacker with access to that table to retrieve plain text passwords. This issue affects ERP XL: from 2020.2.2 through 2023.2.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Comarch ERP XL 安全漏洞
Vulnerability Description
Comarch ERP XL是波兰Comarch公司的一款企业资源规划(ERP)软件。 Comarch ERP XL 2020.2.2版本至2023.2版本存在安全漏洞,该漏洞源于允许攻击者检索纯文本密码。
CVSS Information
N/A
Vulnerability Type
N/A