A vulnerability in Sitevision CMS allows remote attackers to access private keys used for signing SAML Authn requests. The issue arises from a low-complexity, auto-generated password protecting the Java keystore containing these keys, which can be cracked offline. While the impact is difficult to assess, it highlights the importance of strong password complexity and proper configuration for sensitive data protection.