Safenet Luna G5
CVE-2015-5464
LOW
Severity by source
AV:L/AC:M/Au:M/C:P/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:M/Au:M/C:P/I:N/A:N
Lifecycle Timeline
1DescriptionCVE.org
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.
AnalysisAI
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition. Rated low severity (CVSS 1.3). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-284. The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition. Affected products include: Gemalto Safenet Luna G5, Gemalto Safenet Luna Pci-E, Gemalto Safenet Luna Sa.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today