Wojciech Żebrowski

**Name of the Vulnerable Software and Affected Versions** Finka-FK versions prior to 18.5 Finka-KPR versions prior to 16.6 Finka-Płace versions prior to 13.4 Finka-Faktura versions prior to 18.3 Finka-Magazyn versions prior to 8.3 Finka-STW versions prior to 12.3 **Description** The Finka software suite contains hard-coded Firebird database credentials that are shared across all instances. An attacker on the local network with knowledge of these default credentials can read and modify the database content. **Recommendations** Update Finka-FK to version 18.5 or later. Update Finka-KPR to version 16.6 or later. Update Finka-Płace to version 13.4 or later. Update Finka-Faktura to version 18.3 or later. Update Finka-Magazyn to version 8.3 or later. Update Finka-STW to version 12.3 or later.