Описание
Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:symantec:pgp_universal_server:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:pgp_universal_server:3.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 45%
0.00225
Низкий
2.9 Low
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.
EPSS
Процентиль: 45%
0.00225
Низкий
2.9 Low
CVSS2
Дефекты
CWE-264