2 matches found
CVE-2023-30222
Affected product/implementation: 4D SAS 4D Server Application (4D Server) versions v17, v18, v19 R7 and earlier. Vulnerability summary: An information-disclosure flaw enables an attacker to retrieve password hashes for all users by eavesdropping on affected deployments. Root cause (as stated): In...
CVE-2023-30223
The CVE-2023-30223 entry concerns a broken authentication vulnerability in 4D SAS 4D Server software (versions to v17, v18, v19 R7 and earlier). According to connected sources, an attacker could send crafted TCP packets containing requests to perform arbitrary actions, indicating a remote, networ...