Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Thales nShield Connect hardware models 500, 1500, 6000, 500+, 1500+, and 6000+ before 11.72 allows physically proximate attackers to sign arbitrary data with previously loaded signing keys, extract the device identification key [KNETI] and impersonate the nShield Connect device on a network, affect the integrity and confidentiality of newly created keys, and potentially cause other unspecified impacts using previously loaded keys by connecting to the USB port on the front panel.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Thales nShield Connect硬件权限许可和访问控制漏洞
Vulnerability Description
Thales nShield Connect hardware models 500等都是美国Thales e-Security公司的网络型HSM(硬件安全模块)设备。 多款Thales nShield Connect硬件存在安全漏洞。物理位置临近的攻击者可利用该漏洞签署任意数据,提取任意的设备身份密钥,并欺骗nShield Connect设备。以下产品和版本受到影响:Thales nShield Connect 500 11.72之前的版本;1500 11.72之前的版本;6000 11.72之前的版本
CVSS Information
N/A
Vulnerability Type
N/A