CVE-2002-0939

Sažetak

The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-05/0103.html
http://www.iss.net/security_center/static/9076.php
http://www.securityfocus.com/bid/4729

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-09-2008 - 19:13

Objavljeno

04-10-2002 - 04:00