Line 736 of CTP Client contains a vulnerability as the SSL KeyStore Password is hardcoded to "ctpstore". This could allow an unauthorized non-root attacker to decrypt sent images by obtaining the SSL Key.
Reference Link:
|
System.setProperty("javax.net.ssl.keyStorePassword", "ctpstore"); |
Line 736 of CTP Client contains a vulnerability as the SSL KeyStore Password is hardcoded to "ctpstore". This could allow an unauthorized non-root attacker to decrypt sent images by obtaining the SSL Key.
Reference Link:
CTPClient/source/java/client/CTPClient.java
Line 736 in 1c01528