2 matches found
SAP Redwood BPA Message Service crypto secret information disclosure
Application: SAP Redwood BPA Vendor URL: SAP Bugs: Information Disclosure Reported: 09.11.2017 Vendor response: 10.11.2017 Date of Public Advisory: 13.03.2018 Reference: SAP Security Note 2596535 Author: Mathieu Geli ERPScan DESCRIPTION An anonymous network attacker can forge valid packets that a...
Well-known SSL Certificate Used in Remote Device
The X.509 certificate of the remote host is known to be shipping by default with the remote service / device. The private key for this cert has been published, therefore the SSL communications done with the remote host can not be considered as being secret as anyone with the ability to snoop the...