Lucene search

MitreCVE-2002-0939

HistoryOct 04, 2002 - 4:00 a.m.

CVE-2002-0939

2002-10-0404:00:00

mitre

web.nvd.nist.gov

ncipher

install wizard

mscapi csp

operator card set

vulnerability

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

19.7%

JSON

The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

Affected configurations

Nvd

Node

nciphermscapi_cspMatch5.50

nciphermscapi_cspMatch5.54

VendorProductVersionCPE
nciphermscapi_csp5.50cpe:2.3:a:ncipher:mscapi_csp:5.50:*:*:*:*:*:*:*
nciphermscapi_csp5.54cpe:2.3:a:ncipher:mscapi_csp:5.54:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ncipher	mscapi_csp	5.50	cpe:2.3:a:ncipher:mscapi_csp:5.50:::::::*
ncipher	mscapi_csp	5.54	cpe:2.3:a:ncipher:mscapi_csp:5.54:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-05/0103.html

www.iss.net/security_center/static/9076.php

www.securityfocus.com/bid/4729

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.001

Percentile

19.7%

JSON

Related for CVE-2002-0939