Search criteria
11 vulnerabilities found for server by 4d
CVE-2024-39847 (GCVE-0-2024-39847)
Vulnerability from nvd – Published: 2026-04-30 07:10 – Updated: 2026-05-17 22:18
VLAI
Title
Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP
Summary
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
3 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39847",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T13:00:30.372326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T13:00:38.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-17T22:18:39.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2026/May/0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"4D Web Server"
],
"platforms": [
"Windows"
],
"product": "4D Server",
"vendor": "4D",
"versions": [
{
"lessThanOrEqual": "v20 R3",
"status": "affected",
"version": "*",
"versionType": "custom"
},
{
"lessThanOrEqual": "v20 R6",
"status": "unknown",
"version": "v20 R4",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "v20 R7",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:4d_server:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "v20_r3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:4d_server:v20_r7:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcelo Reyes of SCHUTZWERK GmbH"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.\u003cbr\u003e"
}
],
"value": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
},
{
"capecId": "CAPEC-497",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-497 File Discovery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T07:10:17.999Z",
"orgId": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423",
"shortName": "SCHUTZWERK"
},
"references": [
{
"url": "https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-002/"
},
{
"tags": [
"product"
],
"url": "https://4d.com"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 4D Server 20 R7 or higher."
}
],
"value": "Update to 4D Server 20 R7 or higher."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-17T11:00:00.000Z",
"value": "Vulnerability discovered"
},
{
"lang": "en",
"time": "2024-06-24T11:00:00.000Z",
"value": "Attempt to contact vendor, no response received"
},
{
"lang": "en",
"time": "2024-06-25T11:00:00.000Z",
"value": "CVE ID requested"
},
{
"lang": "en",
"time": "2024-06-29T14:59:00.000Z",
"value": "CVE-2024-39847 assigned"
},
{
"lang": "en",
"time": "2024-07-04T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-09T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-16T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-22T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2026-04-29T11:00:00.000Z",
"value": "Advisory published"
}
],
"title": "Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423",
"assignerShortName": "SCHUTZWERK",
"cveId": "CVE-2024-39847",
"datePublished": "2026-04-30T07:10:17.999Z",
"dateReserved": "2024-06-29T20:55:54.740Z",
"dateUpdated": "2026-05-17T22:18:39.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4770 (GCVE-0-2023-4770)
Vulnerability from nvd – Published: 2023-11-30 13:32 – Updated: 2024-08-02 07:37
VLAI
Title
Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server
Summary
An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution.
Severity
6.5 (Medium)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 4D | 4D.exe |
Affected:
19 R8 100218
|
|
| 4D | 4D Server.exe |
Affected:
19 R8 100218
|
Date Public
2023-11-09 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "4D.exe",
"vendor": "4D",
"versions": [
{
"status": "affected",
"version": "19 R8 100218"
}
]
},
{
"defaultStatus": "unaffected",
"product": "4D Server.exe",
"vendor": "4D",
"versions": [
{
"status": "affected",
"version": "19 R8 100218"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alexander Huam\u00e1n Jaimes (@zanganox)"
}
],
"datePublic": "2023-11-09T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution."
}
],
"value": "An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T13:32:43.408Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4770",
"datePublished": "2023-11-30T13:32:43.408Z",
"dateReserved": "2023-09-05T11:46:36.852Z",
"dateUpdated": "2024-08-02T07:37:59.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30222 (GCVE-0-2023-30222)
Vulnerability from nvd – Published: 2023-06-16 00:00 – Updated: 2024-08-02 14:21
VLAI
Summary
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T00:32:13.699Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://packetstormsecurity.com"
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30222",
"datePublished": "2023-06-16T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T14:21:44.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30223 (GCVE-0-2023-30223)
Vulnerability from nvd – Published: 2023-06-16 00:00 – Updated: 2024-08-02 14:21
VLAI
Summary
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T00:33:14.034Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://packetstormsecurity.com"
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30223",
"datePublished": "2023-06-16T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T14:21:44.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39847 (GCVE-0-2024-39847)
Vulnerability from cvelistv5 – Published: 2026-04-30 07:10 – Updated: 2026-05-17 22:18
VLAI
Title
Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP
Summary
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
3 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-39847",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-30T13:00:30.372326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T13:00:38.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-05-17T22:18:39.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2026/May/0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"4D Web Server"
],
"platforms": [
"Windows"
],
"product": "4D Server",
"vendor": "4D",
"versions": [
{
"lessThanOrEqual": "v20 R3",
"status": "affected",
"version": "*",
"versionType": "custom"
},
{
"lessThanOrEqual": "v20 R6",
"status": "unknown",
"version": "v20 R4",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "v20 R7",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:4d_server:*:*:windows:*:*:*:*:*",
"versionEndIncluding": "v20_r3",
"versionStartIncluding": "*",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:4d_server:v20_r7:*:windows:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Marcelo Reyes of SCHUTZWERK GmbH"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.\u003cbr\u003e"
}
],
"value": "Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
},
{
"capecId": "CAPEC-497",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-497 File Discovery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-30T07:10:17.999Z",
"orgId": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423",
"shortName": "SCHUTZWERK"
},
"references": [
{
"url": "https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-002/"
},
{
"tags": [
"product"
],
"url": "https://4d.com"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 4D Server 20 R7 or higher."
}
],
"value": "Update to 4D Server 20 R7 or higher."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-06-17T11:00:00.000Z",
"value": "Vulnerability discovered"
},
{
"lang": "en",
"time": "2024-06-24T11:00:00.000Z",
"value": "Attempt to contact vendor, no response received"
},
{
"lang": "en",
"time": "2024-06-25T11:00:00.000Z",
"value": "CVE ID requested"
},
{
"lang": "en",
"time": "2024-06-29T14:59:00.000Z",
"value": "CVE-2024-39847 assigned"
},
{
"lang": "en",
"time": "2024-07-04T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-09T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-16T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2024-07-22T11:00:00.000Z",
"value": "Attempt to contact vendor again, no response received"
},
{
"lang": "en",
"time": "2026-04-29T11:00:00.000Z",
"value": "Advisory published"
}
],
"title": "Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "23637b5d-af4c-4cf9-b8f6-deb7fd0f8423",
"assignerShortName": "SCHUTZWERK",
"cveId": "CVE-2024-39847",
"datePublished": "2026-04-30T07:10:17.999Z",
"dateReserved": "2024-06-29T20:55:54.740Z",
"dateUpdated": "2026-05-17T22:18:39.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4770 (GCVE-0-2023-4770)
Vulnerability from cvelistv5 – Published: 2023-11-30 13:32 – Updated: 2024-08-02 07:37
VLAI
Title
Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server
Summary
An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution.
Severity
6.5 (Medium)
CWE
- CWE-427 - Uncontrolled Search Path Element
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| 4D | 4D.exe |
Affected:
19 R8 100218
|
|
| 4D | 4D Server.exe |
Affected:
19 R8 100218
|
Date Public
2023-11-09 11:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:37:59.774Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "4D.exe",
"vendor": "4D",
"versions": [
{
"status": "affected",
"version": "19 R8 100218"
}
]
},
{
"defaultStatus": "unaffected",
"product": "4D Server.exe",
"vendor": "4D",
"versions": [
{
"status": "affected",
"version": "19 R8 100218"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alexander Huam\u00e1n Jaimes (@zanganox)"
}
],
"datePublic": "2023-11-09T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution."
}
],
"value": "An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T13:32:43.408Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Uncontrolled Search Path Element Vulnerability in 4D and 4D Windows Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-4770",
"datePublished": "2023-11-30T13:32:43.408Z",
"dateReserved": "2023-09-05T11:46:36.852Z",
"dateUpdated": "2024-08-02T07:37:59.774Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30222 (GCVE-0-2023-30222)
Vulnerability from cvelistv5 – Published: 2023-06-16 00:00 – Updated: 2024-08-02 14:21
VLAI
Summary
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T00:32:13.699Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://packetstormsecurity.com"
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30222",
"datePublished": "2023-06-16T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T14:21:44.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30223 (GCVE-0-2023-30223)
Vulnerability from cvelistv5 – Published: 2023-06-16 00:00 – Updated: 2024-08-02 14:21
VLAI
Summary
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.778Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"tags": [
"x_transferred"
],
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T00:33:14.034Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://packetstormsecurity.com"
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-30223",
"datePublished": "2023-06-16T00:00:00.000Z",
"dateReserved": "2023-04-07T00:00:00.000Z",
"dateUpdated": "2024-08-02T14:21:44.778Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2023-4770
Vulnerability from fkie_nvd - Published: 2023-11-30 14:15 - Updated: 2024-11-21 08:35
Severity
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:4d:19:r8:*:*:*:*:*:*",
"matchCriteriaId": "626249AD-1971-4665-B370-221B29BC7644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:19:r8:*:*:*:*:*:*",
"matchCriteriaId": "7677CD7F-7041-433F-ACC2-FAF967509CC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad no controlada en un elemento de ruta de b\u00fasqueda en aplicaciones ejecutables de Windows de 4D y 4D server, afectando a la versi\u00f3n 19 R8 100218. Esta vulnerabilidad consiste en un secuestro de DLL reemplazando x64 shfolder.dll en la ruta de instalaci\u00f3n, provocando la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2023-4770",
"lastModified": "2024-11-21T08:35:56.800",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "cve-coordination@incibe.es",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-30T14:15:11.880",
"references": [
{
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-search-path-element-vulnerability-4d-and-4d-windows-server"
}
],
"sourceIdentifier": "cve-coordination@incibe.es",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "cve-coordination@incibe.es",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-30222
Vulnerability from fkie_nvd - Published: 2023-06-16 17:15 - Updated: 2024-11-21 07:59
Severity
Summary
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:server:17:*:*:*:*:*:*:*",
"matchCriteriaId": "D7342973-0BD3-4C09-87D4-BBCA31B84A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:18:-:*:*:*:*:*:*",
"matchCriteriaId": "D1FA8D11-BBB0-4A10-95CE-FED4448A233C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:18:r5:*:*:*:*:*:*",
"matchCriteriaId": "29C6A752-ACED-46A2-AAE7-534B19EC5735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:19:-:*:*:*:*:*:*",
"matchCriteriaId": "43EA872D-1084-4059-A0B4-A9272614B067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:19:r7:*:*:*:*:*:*",
"matchCriteriaId": "78924358-0364-436E-8642-890E2264EC41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping."
}
],
"id": "CVE-2023-30222",
"lastModified": "2024-11-21T07:59:55.240",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-16T17:15:11.857",
"references": [
{
"source": "cve@mitre.org",
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-30223
Vulnerability from fkie_nvd - Published: 2023-06-16 17:15 - Updated: 2024-11-21 07:59
Severity
Summary
A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:4d:server:17:*:*:*:*:*:*:*",
"matchCriteriaId": "D7342973-0BD3-4C09-87D4-BBCA31B84A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:18:-:*:*:*:*:*:*",
"matchCriteriaId": "D1FA8D11-BBB0-4A10-95CE-FED4448A233C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:18:r5:*:*:*:*:*:*",
"matchCriteriaId": "29C6A752-ACED-46A2-AAE7-534B19EC5735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:19:-:*:*:*:*:*:*",
"matchCriteriaId": "43EA872D-1084-4059-A0B4-A9272614B067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:4d:server:19:r7:*:*:*:*:*:*",
"matchCriteriaId": "78924358-0364-436E-8642-890E2264EC41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions."
}
],
"id": "CVE-2023-30223",
"lastModified": "2024-11-21T07:59:55.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-16T17:15:11.897",
"references": [
{
"source": "cve@mitre.org",
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://packetstormsecurity.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}