Primary

Context

Finka Software Hard-Coded Firebird Database Credentials Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

A vulnerability exists in multiple Finka programs due to hard-coded Firebird database credentials that are the same across all software instances. This flaw allows a malicious attacker within the local network, who is aware of the default credentials, to read and modify database content. The affected programs include Finka-FK, Finka-KPR, Finka-Płace, Finka-Faktura, Finka-Magazyn, and Finka-STW.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modification of database contents.

Remediation

Users can upgrade to Finka-FK 18.5, Finka-KPR 16.6, Finka-Płace 13.4, Finka-Faktura 18.3, Finka-Magazyn 8.3, or Finka-STW 12.3 to address this vulnerability.

Added: Feb 24, 2026, 5:36 PM

Updated: Feb 24, 2026, 10:13 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.3

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.3

remediation

0.0

relevance

3.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Finka Software Hard-Coded Firebird Database Credentials Vulnerability Allowing Unauthorized Data Access and Modification

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating