Vulnerabilities > CVE-2016-3684 - Unspecified vulnerability in SAP Download Manager 1.1.3.0/2.1.142
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE local
sap
Summary
SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 | |
OS | 1 | |
OS | 1 |