CVE-2012-3582

EPSS 0.23%
Published 04.09.2012 11:04:49
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Pgp Universal Server Version3.2.0

Symantec ≫ Pgp Universal Server Version3.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.23%	0.422

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.9	5.5	2.9	AV:A/AC:M/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/55246

http://www.securitytracker.com/id?1027467

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120830_00

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-3582

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-3582

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-3582

EUVD