Lucene search

[email protected]NVD:CVE-2003-1417

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1417

2003-12-3105:00:00

CWE-255

[email protected]

web.nvd.nist.gov

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files.

Affected configurations

Nvd

Node

nciphersupport_softwareMatch6.00

VendorProductVersionCPE
nciphersupport_software6.00cpe:2.3:a:ncipher:support_software:6.00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ncipher	support_software	6.00	cpe:2.3:a:ncipher:support_software:6.00:::::::*

References

marc.info/?l=bugtraq&m=104619088801750&w=2

www.ncipher.com/support/advisories/advisory7_keyduplicates.html

www.securityfocus.com/bid/6927

exchange.xforce.ibmcloud.com/vulnerabilities/11422

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2003-1417

cvelist1 cve1