Vulnerabilities > CVE-2022-34001 - XXE vulnerability in Unit4 Enterprise Resource Planning 7.9

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
unit4
CWE-611
NVD
Published: 2022-07-19
Updated: 2022-07-27

Summary

Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously.

Vulnerable Configurations

Part Description Count
Application
Unit4
2

Common Weakness Enumeration (CWE)

References