CVE-2024-4995

Published: Dec 18, 2024

Modified: Oct 7, 2025

PUBLISHED

Description

Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modification. This issue affects Wapro ERP Desktop versions before 9.00.0.

Vendor	Product	Versions
Asseco Business Solutions S.A.	Wapro ERP Desktop	affected `0 - < 9.00.0`

Weaknesses (CWE)

CWE-757

References

https://cert.pl/en/posts/2024/12/CVE-2024-4995/

third-party-advisory

https://cert.pl/posts/2024/12/CVE-2024-4995/

third-party-advisory

https://wapro.pl/

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-4995

Description

Affected Products

Weaknesses (CWE)

References