Memory Encryption Key Exposure in Unisys Stealth Solution
CVE-2018-7534

4.7MEDIUM

Key Information:

Vendor: Unisys
Status: Stealth Authorization Server
Vendor: CVE Published:; 30 May 2018

What is CVE-2018-7534?

In versions prior to 3.3.017.0 of the Unisys Stealth Solution, an encryption key may inadvertently remain in memory, potentially exposing sensitive data to unauthorized users. This vulnerability highlights the importance of secure memory management in safeguarding encryption keys, which play a critical role in data protection and confidentiality. Organizations using this solution are advised to implement necessary patches to mitigate risks associated with this exposure.

References

http://public.support.unisys.com/common/public/vulnerabil...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2018
Vulnerability Reserved
Feb 26, 2018

CVE-2018-7534 Data

JSON