CVE-2003-1417

Name of the Vulnerable Software and Affected Versions nCipher Support Software version 6.00

Description The issue concerns the generatekey KeySafe feature in nCipher Support Software, which fails to delete temporary key copies after import. This oversight may allow local users to access the key by reading the key.pem or key.der files.

Recommendations For nCipher Support Software version 6.00, consider manually deleting the temporary key.pem and key.der files after key import to prevent unauthorized access. As a temporary workaround, restrict access to these files to minimize the risk of exploitation.