Vulnerabilities > Comarch

DATE	CVE	VULNERABILITY TITLE	RISK
2024-02-15	CVE-2023-4538	Insufficiently Protected Credentials vulnerability in Comarch ERP XL The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same among all Comarch ERP XL client installations. network low complexity comarch CWE-522	6.5
2024-02-15	CVE-2023-4539	Use of Hard-coded Credentials vulnerability in Comarch ERP XL Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve embedded sensitive data stored in the database. network low complexity comarch CWE-798	7.5

Vulnerabilities > Comarch {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Comarch"}]}