Lucene search

[email protected]CVE-2015-5464

HistoryJul 22, 2015 - 10:59 a.m.

CVE-2015-5464

2015-07-2210:59:00

CWE-284

[email protected]

web.nvd.nist.gov

gemalto

safenet

luna hsm

key-export restrictions

remote access

1.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:M/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.7%

JSON

The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.

Affected configurations

NVD

Node

gemaltosafenet_luna_g5

gemaltosafenet_luna_pci-e

gemaltosafenet_luna_sa

CPENameOperatorVersion
gemalto:safenet_luna_g5gemalto safenet luna g5eq*
gemalto:safenet_luna_pci-egemalto safenet luna pci-eeq*
gemalto:safenet_luna_sagemalto safenet luna saeq*

CPE	Name	Operator	Version
gemalto:safenet_luna_g5	gemalto safenet luna g5	eq	*
gemalto:safenet_luna_pci-e	gemalto safenet luna pci-e	eq	*
gemalto:safenet_luna_sa	gemalto safenet luna sa	eq	*

References

www.safenet-inc.com/technical-support/security-updates/

1.3 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

MULTIPLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:M/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.7%

JSON

Related for CVE-2015-5464

prion1 nvd1 cvelist1