Strix
26.1K

CVE-2002-0940

UnknownEPSS 0.40%

Last modified

CVE-2002-0940 is a vulnerability of currently unknown severity. domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).. EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

Metrics

EPSS Probability
0.40%

31.4th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
NcipherMscapi Csp5.50
NcipherMscapi Csp5.54

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2002-0940?
domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).
How severe is CVE-2002-0940?
Severity scoring for CVE-2002-0940 is pending analysis. The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.
How do I fix CVE-2002-0940?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-0940?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST