Lucene search
HistoryMay 23, 2024 - 9:15 a.m.
CVE-2024-5264
network transfer
aes kht
thales luna eft
admin access
offline analysis
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.5%
Network Transfer with AES KHT in Thales Luna EFT 2.1 and above allows a user with administrative console access to access backups taken via offline analysis
Affected configurations
Node
thalesgroupluna_eftMatch2.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| thalesgroup:luna_eft | thalesgroup luna eft | eq | 2.1 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"Network Key Transfer with AES KHT"
],
"platforms": [
"Appliance"
],
"product": "Luna EFT",
"vendor": "Thales",
"versions": [
{
"status": "affected",
"version": "2.1.0"
}
]
}
]Related
nvd
nvd
CVE-2024-5264
2024-05-23 09:15:10
vulnrichment
vulnrichment
CVE-2024-5264 Network Key Transfer with AES KHT vulnerability in Luna EFT
2024-05-23 08:40:56
cvelist
cvelist
CVE-2024-5264 Network Key Transfer with AES KHT vulnerability in Luna EFT
2024-05-23 08:40:56
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.5%
Related for CVE-2024-5264