Vulnerabilities > CVE-2002-1446 - Unspecified vulnerability in Ncipher Pkcs 11 Library 1.2.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |