Browse all 3 CVE security advisories affecting Comarch. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Comarch provides enterprise software solutions including ERP, CRM, and telecommunications systems. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the three CVEs on record highlight persistent security concerns in their software portfolio. Their systems typically require regular patching to address these issues, emphasizing the need for robust security practices in environments utilizing Comarch's technology.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-4539 | Hardcoded password in Comarch ERP XL — ERP XLCWE-798 | 7.5 | High | 2024-02-15 |
| CVE-2023-4538 | Shared Key in Comarch ERP XL — ERP XLCWE-522 | 6.2 | Medium | 2024-02-15 |
| CVE-2023-4537 | Protocol Downgrade in Comarch ERP XL — ERP XLCWE-755 | 7.4 | High | 2024-02-15 |
This page lists every published CVE security advisory associated with Comarch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.