Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of Hard-Coded Cryptographic Key for Password Storage
Vulnerability Description
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Infor SyteLine ERP 安全漏洞
Vulnerability Description
Infor SyteLine ERP是美国Infor公司的一个企业资源计划平台。 Infor SyteLine ERP存在安全漏洞,该漏洞源于使用硬编码静态加密密钥,可能导致存储的凭据被解密。
CVSS Information
N/A
Vulnerability Type
N/A