CVE-2026-2103

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:infor:syteline_erp:10.0.8803.16889:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-02-06 17:16

Updated : 2026-02-17 15:46

NVD link : CVE-2026-2103

Mitre link : CVE-2026-2103

CVE.ORG link : CVE-2026-2103

JSON object : View

Products Affected

infor

syteline_erp

CWE

CWE-321

Use of Hard-coded Cryptographic Key

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2026-2103", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cves@blacklanternsecurity.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2026-02-06T17:16:28.240", "references": [{"url": "https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp", "tags": ["Exploit", "Third Party Advisory"], "source": "cves@blacklanternsecurity.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cves@blacklanternsecurity.com", "description": [{"lang": "en", "value": "CWE-321"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials."}, {"lang": "es", "value": "Infor SyteLine ERP utiliza claves criptogr\u00e1ficas est\u00e1ticas codificadas de forma r\u00edgida para cifrar las credenciales almacenadas, incluyendo contrase\u00f1as de usuario, cadenas de conexi\u00f3n de la base de datos y claves de API. Las claves de cifrado son id\u00e9nticas en todas las instalaciones. Un atacante con acceso al binario de la aplicaci\u00f3n y a la base de datos puede descifrar todas las credenciales almacenadas."}], "lastModified": "2026-02-17T15:46:31.470", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:infor:syteline_erp:10.0.8803.16889:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0110991B-B5AE-42B2-8E73-A6022EED59E6"}], "operator": "OR"}]}], "sourceIdentifier": "cves@blacklanternsecurity.com"}