1.3 CVE-2015-5464

Local Execution Code

 

The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.
https://nvd.nist.gov/vuln/detail/CVE-2015-5464

Categories

CWE-284 : Improper Access Control
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. The terms "access control" and "authorization" are often used interchangeably, although many people have distinct definitions. The CWE usage of "access control" is intended as a general term for the various mechanisms that restrict which users can access which resources, and "authorization" is more narrowly defined. It is unlikely that there will be community consensus on the use of these terms. Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software. Chain: Cloud computing virtualization platform does not require authentication for upload of a tar format file (CWE-306), then uses .. path traversal sequences (CWE-23) in the file to access unexpected files, as exploited in the wild per CISA KEV. IT management product does not perform authentication for some REST API requests, as exploited in the wild per CISA KEV. Default setting in workflow management product allows all API requests without authentication, as exploited in the wild per CISA KEV. Bulletin board applies restrictions on number of images during post creation, but does not enforce this on editing.

References


 

CPE

cpe start end
Configuration 1
cpe:2.3:h:gemalto:safenet_luna_g5:*:*:*:*:*:*:*:*
cpe:2.3:h:gemalto:safenet_luna_pci-e:*:*:*:*:*:*:*:*
cpe:2.3:h:gemalto:safenet_luna_sa:*:*:*:*:*:*:*:*

Exploits

id description date
No known exploits

CAPEC

id description severity
19 Embedding Scripts within Scripts
High
441 Malicious Logic Insertion
High
478 Modification of Windows Service Configuration
High
479 Malicious Root Certificate
Low
502 Intent Spoof
503 WebView Exposure
536 Data Injected During Configuration
High
550 Install New Service
552 Install Rootkit
High
556 Replace File Extension Handlers
558 Replace Trusted Executable
High
562 Modify Shared File
563 Add Malicious File to Shared Webroot
564 Run Software at Logon
578 Disable Security Software
Medium
546 Incomplete Data Deletion in a Multi-Tenant Environment
Medium
551 Modify Existing Service

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution