CVE-2020-5248

GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data mu...

CVE-2020-5248

GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data mu...

PT-2016-3363 · Apache +1 · Apache Shiro +1

Name of the Vulnerable Software and Affected Versions: Apache Shiro versions prior to 1.2.5 Description: The issue is related to the "remember me" feature in Apache Shiro, where the lack of a configured cipher key allows remote attackers to execute arbitrary code or bypass intended access...

SAP HANA system exposed to security vulnerabilities, static key exists in the database-vulnerability warning-the black bar safety net

! SAP is well-known in-memory database management system HANA was traced to the presence of security vulnerabilities, static encryption key is actually stored in the database. SAP HANA is SAP ever the fastest-growing products. Vulnerability overview ERPScan researchers held in Amsterdam the black...

CVE-2000-0762

CVE-2000-0762 affects the default installation of eTrust Access Control (formerly SeOS). The vulnerability arises because the product uses a default encryption key, enabling remote attackers to spoof the eTrust administrator and escalate privileges. The available documents do not specify affected...

CVE-2000-0762

The default installation of eTrust Access Control formerly SeOS uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges...