CVE-2015-8329
SAP Manufacturing Integration and Intelligence - Weak Encryption via Base64 and DES
Title source: llmDescription
SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274.
References (3)
Core 3
Core References
Third Party Advisory x_refsource_misc
https://erpscan.io/advisories/erpscan-15-031-using-base64-and-des-in-sap-mii/
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/135761/SAP-MII-12.2-14.0-15.0-Cryptography-Issues.html
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Feb/68
Scores
EPSS
0.0015
EPSS Percentile
35.2%
Details
CWE
CWE-310
Status
published
Products (3)
sap/manufacturing_integration_and_intelligence
12.2
sap/manufacturing_integration_and_intelligence
14.0
sap/manufacturing_integration_and_intelligence
15.0
Published
Nov 24, 2015
Tracked Since
Feb 18, 2026