A security vulnerability has been identified in Apache Syncope that could allow attackers to decrypt stored passwords if they gain access to the internal database. The flaw stems from the use of a hardcoded default AES encryption key, which undermines the password protection mechanism designed to keep sensitive user credentials secure. The vulnerability affects multiple […]

The post Apache Syncope Flaw Lets Attackers Access Internal Database Content appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/apache-syncope-flaw/