Fixed Password Vulnerability in Kyungrinara(ERP Solution) Allows Unauthorized Access and Data Theft

Fixed Password Vulnerability in Kyungrinara(ERP Solution) Allows Unauthorized Access and Data Theft

CVE-2022-41157 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This vulnerability could allow attackers to leak or steal sensitive information or execute malicious commands.

Learn more about our Cis Benchmark Audit For Server Software.