CVE-2023-4537

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Feb 15, 2024
CWE ID 311

Summary

CVE-2023-4537 is a vulnerability affecting Comarch ERP XL client versions from 2020.2.2 to 2023.2. An attacker can exploit this issue by sending a MS SQL protocol downgrade request from a server side, resulting in unencrypted communication that is susceptible to data interception and modification. This vulnerability poses a significant risk to sensitive business data, making it essential for affected organizations to apply the necessary patches as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share