CVE-2023-4537 Information

Description

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side what could lead to an unencrypted communication vulnerable to data interception and modification.

This issue affects ERP XL: from 2020.2.2 through 2023.2.

Reference

https://cert.pl/en/posts/2024/02/CVE-2023-4537/ https://cert.pl/posts/2023/02/CVE-2023-4537/