Password Hash Retrieval Vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and Earlier

Password Hash Retrieval Vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and Earlier

CVE-2023-30222 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.

Learn more about our Cis Benchmark Audit For Server Software.