Name of the Vulnerable Software and Affected Versions: opencryptoki versions 2.11

Description: The opencryptoki packages contain a version of the PKCS#11 API implemented for IBM Cryptocards. These packages include support for various IBM cryptographic hardware and a software token implementation. A bug was found where the pkcstok migrate function leaves options with multiple strings in the opencryptoki.conf file options without double-quotes.

Recommendations: For opencryptoki version 2.11, ensure that options with multiple strings in the opencryptoki.conf file are properly enclosed in double-quotes to prevent potential issues.

Note: At the moment, there is no information about a newer version that contains a fix for this vulnerability.