Weak Encryption Vulnerability in SAP Download Manager by SAP
CVE-2016-3684
4.7MEDIUM
What is CVE-2016-3684?
SAP Download Manager versions 2.1.142 and earlier utilize a hardcoded encryption key to secure stored data. This implementation flaw allows context-dependent attackers to exploit knowledge of the encryption key, gaining access to sensitive configuration information. This vulnerability has been documented in SAP Security Note 2282338 and poses a significant risk to the integrity and confidentiality of stored data.