Information Disclosure Vulnerability in Epicor Enterprise 7.4

Information Disclosure Vulnerability in Epicor Enterprise 7.4

CVE-2014-4311 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Epicor Enterprise 7.4 before FS74SP6_HotfixTL054181 allows attackers to obtain the (1) Database Connection and (2) E-mail Connection passwords by reading HTML source code of the database connection and email settings page.

Learn more about our Web Application Penetration Testing UK.