Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insecure Key & Secret Management vulnerability in SAP GUI for Windows
Vulnerability Description
The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This leads to a high impact on confidentiality because any attacker who gains access to the user hive of this user�s windows registry could recreate the original password. There is no impact on integrity or availability of the application
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
敏感信息的不安全存储
Vulnerability Title
SAP GUI for Windows 安全漏洞
Vulnerability Description
SAP GUI for Windows是德国思爱普(SAP)公司的一款用于Windows的界面图形软件。 SAP GUI for Windows存在安全漏洞,该漏洞源于使用混淆算法存储凭据,可能导致密码泄露。
CVSS Information
N/A
Vulnerability Type
N/A