12 matches found
EUVD-2020-18781
Malware in sbrugna...
CVE-2020-26155
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in...
Design/Logic Flaw
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in...
CVE-2020-26155
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in...
CVE-2020-26155
Technical details (affected product versions, root cause, impact, or fix) for CVE-2020-26155 are not provided in the connected documents. Only the general description is present. Monitor for updates.
Utimaco SecurityServer 安全漏洞
Utimaco SecurityServer is an application chip from Utimaco, Germany. It provides a general-purpose hardware security module that secures encryption key material for servers and applications. A security vulnerability exists in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0, which can be exploited by...
CVE-2018-19589
Incorrect Access Controls of Security Officer SO in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in...
Design/Logic Flaw
Incorrect Access Controls of Security Officer SO in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in...
CVE-2018-19589
The CVE-2018-19589 describes incorrect access controls in the PKCS11 R2 provider shipping with Utimaco CryptoServer HSM. An SO authenticated to a slot can retrieve attributes of keys marked as private in external key storage and can delete such keys, potentially compromising availability of all e...
CVE-2018-19589
Incorrect Access Controls of Security Officer SO in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in...
CVE-2006-7142
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in executable programs for encrypted configuration files, which allows attackers to recover the keys from the configuration files and decrypt the disk drive...
CVE-2006-7142
The CVE-2006-7142 entry concerns Utimaco Safeguard’s centralized management feature, which stores hard-coded cryptographic keys inside executable binaries for encrypted configuration files. The underlying issue is hard-coded keys that can be extracted from the configuration files, enabling attack...