{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2103", "assignerOrgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d", "state": "PUBLISHED", "assignerShortName": "BLSOPS", "dateReserved": "2026-02-06T13:40:47.744Z", "datePublished": "2026-02-06T16:22:28.282Z", "dateUpdated": "2026-02-06T16:39:17.314Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "SyteLine ERP", "vendor": "Infor", "versions": [{"status": "affected", "version": "10.0.8803.16889"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials."}], "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials."}], "impacts": [{"capecId": "CAPEC-191", "descriptions": [{"lang": "en", "value": "CAPEC-191 Read Sensitive Strings Within an Executable"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-321", "description": "CWE-321", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d", "shortName": "BLSOPS", "dateUpdated": "2026-02-06T16:22:28.282Z"}, "references": [{"url": "https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp"}], "source": {"discovery": "INTERNAL"}, "title": "Use of Hard-Coded Cryptographic Key for Password Storage", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-06T16:38:53.194813Z", "id": "CVE-2026-2103", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-06T16:39:17.314Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2103", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-06T16:38:53.194813Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-06T16:39:10.277Z"}}], "cna": {"title": "Use of Hard-Coded Cryptographic Key for Password Storage", "source": {"discovery": "INTERNAL"}, "impacts": [{"capecId": "CAPEC-191", "descriptions": [{"lang": "en", "value": "CAPEC-191 Read Sensitive Strings Within an Executable"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Infor", "product": "SyteLine ERP", "versions": [{"status": "affected", "version": "10.0.8803.16889"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.", "supportingMedia": [{"type": "text/html", "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-321", "description": "CWE-321"}]}], "providerMetadata": {"orgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d", "shortName": "BLSOPS", "dateUpdated": "2026-02-06T16:22:28.282Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2103", "state": "PUBLISHED", "dateUpdated": "2026-02-06T16:39:17.314Z", "dateReserved": "2026-02-06T13:40:47.744Z", "assignerOrgId": "27b6da8a-f51d-48d9-9eef-9b7f3405d20d", "datePublished": "2026-02-06T16:22:28.282Z", "assignerShortName": "BLSOPS"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:infor:syteline_erp:10.0.8803.16889:*:*:*:*:*:*:*", "matchCriteriaId": "0110991B-B5AE-42B2-8E73-A6022EED59E6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt all stored credentials."}], "id": "CVE-2026-2103", "lastModified": "2026-02-17T15:46:31.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "cves@blacklanternsecurity.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-06T17:16:28.240", "references": [{"source": "cves@blacklanternsecurity.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://blog.blacklanternsecurity.com/p/cve-2026-2103-infor-syteline-erp"}], "sourceIdentifier": "cves@blacklanternsecurity.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-321"}], "source": "cves@blacklanternsecurity.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-798"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"created": "2026-02-09T10:50:38.427552+00:00", "updated": "2026-02-09T10:50:38.427650+00:00", "vendors": ["infor", "infor$PRODUCT$syteline_erp"]}