CVE-2012-3582

CWE-2643 documents3 sources
Severity
2.9LOW
EPSS
0.2%
top 54.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec PGP Universal Server
Timeline
PublishedSep 4
Latest updateMay 17

Description

Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circumstances by making a request near the end of a user's session.

CVSS vector

AV:A/AC:M/C:P/I:N/A:NExploitability: 5.5 | Impact: 2.9

Affected Packages1 packages

NVDsymantec/pgp_universal_server3.2.0, 3.2.1+1

🔴Vulnerability Details

2
GHSA
GHSA-569w-ffr4-5c26: Symantec PGP Universal Server 32022-05-17
CVEList
CVE-2012-3582: Symantec PGP Universal Server 32012-09-04
CVE-2012-3582 (LOW CVSS 2.9) | Symantec PGP Universal Server 3.2.x | cvebase.io