Infor SyteLine ERP Hard-Coded Cryptographic Keys Vulnerability Allowing Decryption of Stored Credentials

Vulnerability

A vulnerability exists in Infor SyteLine ERP due to the use of hard-coded static cryptographic keys for encrypting stored credentials, such as user passwords, database connection strings, and API keys. These encryption keys are the same across all installations. An attacker with access to the application binary and database can decrypt the encrypted credentials.

Impact

Exploitation of this vulnerability allows for the decryption of all stored credentials, including user passwords, database connection strings, and API keys.

Added: Feb 6, 2026, 5:19 PM

Updated: Feb 7, 2026, 12:02 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.0

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.0

remediation

0.0

relevance

2.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Infor SyteLine ERP Hard-Coded Cryptographic Keys Vulnerability Allowing Decryption of Stored Credentials

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating