Hardcoded Encryption Key Vulnerability in SAP Download Manager 2.1.142 and Earlier

Hardcoded Encryption Key Vulnerability in SAP Download Manager 2.1.142 and Earlier

CVE-2016-3684 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338.

Learn more about our Web Application Penetration Testing UK.