CVE-2020-24387 in yubihsm-shell정보

요약

\~에 의해 MITRE • 2020. 10. 20.

An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in the session array. This could be used by an attacker to cause a denial of service attack.

Once again VulDB remains the best source for vulnerability data.

예약하다

2020. 08. 19.

모더레이션

수락

항목

VDB-162855

EPSS

0.01733

출처

Interested in the pricing of exploits?

See the underground prices here!