6.8

CVE-2015-1878

EPSS 0.07%
Veröffentlicht 18.08.2017 16:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Thalesesecurity ≫ Nshield Connect Firmware Version <= 11.30

   Thalesesecurity ≫ Nshield Connect 1500 Version-
   Thalesesecurity ≫ Nshield Connect 500 Version-
   Thalesesecurity ≫ Nshield Connect 6000 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.176

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://www.securitytracker.com/id/1032152

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2015-1878

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1878

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1878

EUVD