Every CVE whose affected-product data names Comarch Erp Xl, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-4539 — CVSS 7.5 (high): Use of a hard-coded password for a special database account created during Comarch ERP XL installation allows an attacker to retrieve…
CVE-2023-4537 — CVSS 7.4 (high): Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted…
CVE-2023-4538 — CVSS 6.2 (medium): The database access credentials configured during installation are stored in a special table, and are encrypted with a shared key, same…