Vulnerabilities > CVE-2016-3684 - Unspecified vulnerability in SAP Download Manager 1.1.3.0/2.1.142

047910
CVSS 1.9 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
sap

Summary

SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338.

Vulnerable Configurations

Part Description Count
Application
Sap
2
OS
Microsoft
1
OS
Apple
1