CVE-2012-3582

EPSS 0.23%
Veröffentlicht 04.09.2012 11:04:49
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Symantec ≫ Pgp Universal Server Version3.2.0

Symantec ≫ Pgp Universal Server Version3.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.23%	0.422

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.9	5.5	2.9	AV:A/AC:M/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/55246

http://www.securitytracker.com/id?1027467

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120830_00

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-3582

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-3582

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-3582

EUVD