Vulnerabilities > Key Management Errors

| Date | CVE | Vulnerability title | Description | Attack vector | Complexity | Vendor | CWE | Severity | Score |
|---|---|---|---|---|---|---|---|---|---|
| 2018-02-22 | CVE-2018-0124 | Key Management Errors vulnerability in Cisco Unified Communications Domain Manager | A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. | network | low | cisco | CWE-320 | critical | 9.8 |
| 2017-10-10 | CVE-2015-7503 | Key Management Errors vulnerability in Zend Framework | Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key. | network | low | zend | CWE-320 | | 7.5 |
| 2017-08-02 | CVE-2015-0839 | Key Management Errors vulnerability in HP Linux Imaging and Printing 3.17.7 | The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads. | network | high | hp | CWE-320 | | 8.1 |
| 2017-06-01 | CVE-2015-0936 | Key Management Errors vulnerability in Ceragon FibeAir IP-10 Firmware | Ceragon FibeAir IP-10 has a default SSH public key in the authorized_keys file for the mateidu user, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. | network | low | ceragon | CWE-320 | critical | 9.8 |
| 2017-04-10 | CVE-2016-6879 | Key Management Errors vulnerability in Botan Project Botan | The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value. | network | low | botan-project | CWE-320 | | 7.5 |
| 2017-03-23 | CVE-2015-4166 | Key Management Errors vulnerability in Cloudera Key Trustee Server 5.4.2 | Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key. | network | low | cloudera | CWE-320 | critical | 9.8 |
| 2017-03-03 | CVE-2016-6882 | Key Management Errors vulnerability in MatrixSSL | MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack. | network | high | matrixssl | CWE-320 | | 5.9 |
| 2017-03-01 | CVE-2016-2880 | Key Management Errors vulnerability in IBM QRadar Security Information and Event Manager | IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. | local | low | ibm | CWE-320 | | 7.8 |
| 2017-02-01 | CVE-2016-9963 | Key Management Errors vulnerability in multiple products | Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | network | high | exim, canonical, debian | CWE-320 | | 5.9 |
| 2017-01-30 | CVE-2016-2217 | Key Management Errors vulnerability in Dest-Unreach Socat 1.7.3.0/2.0.0 | The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret. | network | low | dest-unreach | CWE-320 | | 5.3 |