3 matches found
CVE-2023-30222
Affected product/implementation: 4D SAS 4D Server Application (4D Server) versions v17, v18, v19 R7 and earlier. Vulnerability summary: An information-disclosure flaw enables an attacker to retrieve password hashes for all users by eavesdropping on affected deployments. Root cause (as stated): In...
CVE-2023-30223
The CVE-2023-30223 entry concerns a broken authentication vulnerability in 4D SAS 4D Server software (versions to v17, v18, v19 R7 and earlier). According to connected sources, an attacker could send crafted TCP packets containing requests to perform arbitrary actions, indicating a remote, networ...
CVE-2023-4770
CVE-2023-4770 affects 4D and 4D server Windows executables, specifically version 19 R8 100218. The issue is an uncontrolled search path element causing DLL hijacking by replacing the x64 shfolder.dll in the installation path, leading to arbitrary code execution. Public details confirm the vulnera...