Vulnerabilities > SAP > Download Manager
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-14 | CVE-2016-3685 | Use of Hard-coded Credentials vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338. | 1.9 |
2016-12-14 | CVE-2016-3684 | Unspecified vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338. local sap | 1.9 |