Vulnerabilities > CVE-2003-1417 - Credentials Management vulnerability in Ncipher Support Software 6.00

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ncipher

CWE-255

NVD

Published: 2003-12-31

Updated: 2024-11-20

Summary

nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files.

Vulnerable Configurations

Part	Description	Count
Application	Ncipher Ncipher Support Software 6.00	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://marc.info/?l=bugtraq&m=104619088801750&w=2
http://marc.info/?l=bugtraq&m=104619088801750&w=2
http://www.ncipher.com/support/advisories/advisory7_keyduplicates.html
http://www.ncipher.com/support/advisories/advisory7_keyduplicates.html
http://www.securityfocus.com/bid/6927
http://www.securityfocus.com/bid/6927
https://exchange.xforce.ibmcloud.com/vulnerabilities/11422
https://exchange.xforce.ibmcloud.com/vulnerabilities/11422