CVE-2023-30222

7.5 HIGH

📋 TL;DR

This vulnerability in 4D SAS 4D Server allows attackers to eavesdrop on network traffic and retrieve password hashes for all users. It affects 4D Server Application v17, v18, and v19 R7 and earlier versions. Attackers can potentially crack these hashes to gain unauthorized access.

💻 Affected Systems

Products:
  • 4D SAS 4D Server Application
Versions: v17, v18, v19 R7 and earlier
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using affected versions are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers obtain all user password hashes, crack them offline, gain administrative access, and compromise the entire database server and connected systems.

🟠 Likely Case

Attackers capture password hashes for regular users, crack weaker passwords, and gain unauthorized access to sensitive data within the database.

🟢 If Mitigated

With network segmentation and strong password policies, attackers may obtain hashes but cannot crack them or reach vulnerable systems.

🌐 Internet-Facing: HIGH - If the 4D Server is exposed to the internet, attackers can easily eavesdrop on traffic and harvest password hashes.
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems on the same network can exploit this vulnerability to escalate privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to intercept traffic; tools for packet capture are widely available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v19 R8 and later, v20 and later

Vendor Advisory: https://blog.4d.com/security-bulletin-two-cves-and-how-to-stay-secure/

Restart Required: Yes

Instructions:

1. Download the latest version from 4D's official website.
2. Stop the 4D Server service.
3. Install the update.
4. Restart the service.

🔧 Temporary Workarounds

Network Segmentation

Applies to: all

Isolate 4D Server from untrusted networks to prevent eavesdropping.

Encrypted Communication

Applies to: all

Force TLS/SSL encryption for all client-server communications if supported.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can communicate with the 4D Server.
  • Enforce strong password policies and multi-factor authentication to mitigate hash cracking impact.

🔍 How to Verify

Check if Vulnerable:

Check the 4D Server version in the administration interface or via command line: 4D --version

Check Version:

4D --version

Verify Fix Applied:

Verify the version is v19 R8 or later, or v20 or later, and test that password hashes are no longer transmitted in cleartext.

📡 Detection & Monitoring

Log Indicators:

  • Unusual network traffic patterns, failed authentication attempts from new IPs

Network Indicators:

  • Unencrypted authentication traffic to/from 4D Server port (default 19812)

SIEM Query:

(source_ip="4D_Server_IP" OR dest_ip="4D_Server_IP") AND protocol="TCP" AND port=19812 AND packet_size>100

(As written with OR, the query would match all TCP traffic from the server; restricting to port 19812 in both directions limits it to 4D client-server sessions. Substitute the actual server address for the 4D_Server_IP placeholder.)
