Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when updating NFC specific components of the OTP configurations. This may allow an attacker to access configured OTPs and passwords stored in slots that were not configured by the user to be read over NFC, despite a user having set an access code. (Users who have not set an access code, or who have not configured the OTP slots, are not impacted by this issue.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yubico YubiKey 5 NFC 信息泄露漏洞
Vulnerability Description
Yubico YubiKey 5 NFC是瑞典Yubico公司的一款支持NFC(近距离无线通信)功能的多协议秘钥设备。 Yubico YubiKey 5 NFC 5.0.0版本至5.2.6版本和5.3.0版本至5.3.1版本中存在信息泄露漏洞。攻击者可利用该漏洞访问所配置的OTPs和所存储的密码。
CVSS Information
N/A
Vulnerability Type
N/A