admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2004/CVE-2004-00xx/CVE-2004-0063.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

132 lines
4.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2004-0063",
"sourceIdentifier": "cve@mitre.org",
"published": "2004-02-17T05:00:00.000",
"lastModified": "2024-11-20T23:47:40.683",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SPP_VerifyPVV function in nCipher payShield SPP library 1.3.12, 1.5.18 and 1.6.18 returns a Status_OK value even if the HSM returns a different status code, which could cause applications to make incorrect security-critical decisions, e.g. by accepting an invalid PIN number."
},
{
"lang": "es",
"value": "La funci\u00f3n SPP_VerifyPW en la librer\u00eda nCipher payShield 1.3.12, 1.5.18 y 1.6.18 devuelve un valor Status_OK incluso si el HSM devuelve un c\u00f3digo de estado diferente, lo que podr\u00eda causar que aplicaciones hiciesen decisi\u00f3nes cr\u00edticas de seguridad de mandera incorrecta, por ejemplo aceptando un n\u00famero PIN no v\u00e1lido."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": true,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ncipher:payshield_spp_library:1.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B09FF87A-E7A1-43D4-AAAB-1CEE32B55EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ncipher:payshield_spp_library:1.5.18:*:*:*:*:*:*:*",
"matchCriteriaId": "092628C5-FFC4-4C9F-9267-FB6FF68B6491"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ncipher:payshield_spp_library:1.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6A12E833-A4AF-4417-87D5-6F3F44CE96A6"
}
]
}
]
}
],
"references": [
{
"url": "http://marc.info/?l=bugtraq&m=107411819503569&w=2",
"source": "cve@mitre.org"
},
{
"url": "http://www.ncipher.com/support/advisories/advisory8_payshield.html",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/3537",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/9422",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14832",
"source": "cve@mitre.org"
},
{
"url": "http://marc.info/?l=bugtraq&m=107411819503569&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.ncipher.com/support/advisories/advisory8_payshield.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.osvdb.org/3537",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/9422",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14832",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink