CVE-2002-0939

Name of the Vulnerable Software and Affected Versions: nCipher MSCAPI CSP version 5.50

Description: The issue concerns the Install Wizard for nCipher MSCAPI CSP, which fails to utilize Operator Card Set protected keys as requested by the user when the Operator Card Set is not generated. This results in a lower protection level than what the user specified, providing only module protection.

Recommendations: For version 5.50, ensure that the Operator Card Set is properly generated when requesting protected keys to maintain the desired protection level. As a temporary workaround, consider manually verifying the protection level after installation to ensure it meets the user's requirements.