Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hardcoded password in Comarch ERP XL
Vulnerability Description
Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. The password is same among all Comarch ERP XL installations. This issue affects ERP XL: from 2020.2.2 through 2023.2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Comarch ERP XL 安全漏洞
Vulnerability Description
Comarch ERP XL是波兰Comarch公司的一款企业资源规划(ERP)软件。 Comarch ERP XL 2020.2.2版本至2023.2版本存在安全漏洞,该漏洞源于使用硬编码密码,攻击者可以检索存储在数据库中的嵌入式敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A