Vulnerabilities > CVE-2006-1115 - Unspecified vulnerability in Ncipher Chil, Mscapi CSP and Ncipher Software CD

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
high complexity
ncipher

Summary

nCipher HSM before 2.22.6, when generating a Diffie-Hellman public/private key pair without any specified DiscreteLogGroup parameters, chooses random parameters that could allow an attacker to crack the private key in significantly less time than a brute force attack.

Vulnerable Configurations

Part Description Count
Application
Ncipher
4