Vulnerabilities > CVE-2003-1417 - Credentials Management vulnerability in Ncipher Support Software 6.00
Attack vector
LOCAL Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |