2 matches found
CVE-2015-8329
SAP Manufacturing Integration and Intelligence (MII) is affected by an encryption downgrade vulnerability due to the use of Base64 and DES. The issue allows downgrade attacks and potential password decryption. Reported impact references are tied to SAP MII versions 12.2, 14.0 and 15.0 (and possib...
SAP MII - Encryption Downgrade vulnerability
Application: SAP MII Vendor URL: http://www.sap.com Bugs: Cryptographic issues Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2240274 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Cryptographic issues Impact: readi...