2.6

CVE-2006-1117

EPSS 0.41%
Veröffentlicht 09.03.2006 13:06:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

nCipher firmware before V10, as used by (1) nShield, (2) nForce, (3) netHSM, (4) payShield, (5) SecureDB, (6) DSE200 Document Sealing Engine, (7) Time Source Master Clock (TSMC), and possibly other products, contains certain options that were only intended for testing and not production, which might allow remote attackers to obtain information about encryption keys and crack those keys with less effort than brute force.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ncipher ≫ Dse200 Document Sealing Engine

Ncipher ≫ Ncore

Ncipher ≫ Nforce

Ncipher ≫ Securedb

Ncipher ≫ Time Source Master Clock

Ncipher ≫ Nethsm Version2.0

Ncipher ≫ Nethsm Version2.1

Ncipher ≫ Nethsm Version2.1.12_cam5

Ncipher ≫ Nshield

Ncipher ≫ Payshield

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.41%	0.586

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://secunia.com/advisories/19137

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0862

http://securitytracker.com/id?1015718

Patch

Vendor Advisory

http://www.ncipher.com/resources/97/sa14_presence_of_flaws_in_firmware_security

Patch

Vendor Advisory

http://www.securityfocus.com/archive/1/427151/100/0/threaded

http://www.securityfocus.com/bid/17012

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/25063

https://nvd.nist.gov/vuln/detail/CVE-2006-1117

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-1117

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-1117

EUVD