Loading
SysAid Help Desk before 15.2 uses a hardcoded encryption key, which makes it easier for remote attackers to obtain sensitive information, as demonstrated by decrypting the database password in WEB-INF/conf/serverConf.xml.
Use CWE-200, Sysaid vendor hub and Sysaid product page to widen CVE-2015-2998 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2023-47246, CVE-2025-2776 and CVE-2025-2775 for nearby disclosures in the same product family.