CVE-2012-5860 : Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards

Unspecified vulnerability on Oberthur ID-One COSMO 5.2, 5.2a, and 64 smart cards makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging the generation of non-compliant public keys.

Published 2012-11-14 12:31:00

Updated 2017-08-29 01:32:49

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2012-5860

Oberthur » Id-one Cosmo » Version: 64
cpe:2.3:h:oberthur:id-one_cosmo:64:*:*:*:*:*:*:*
Matching versions
Oberthur » Id-one Cosmo » Version: 5.2
cpe:2.3:h:oberthur:id-one_cosmo:5.2:*:*:*:*:*:*:*
Matching versions
Oberthur » Id-one Cosmo » Version: 5.2 Update A
cpe:2.3:h:oberthur:id-one_cosmo:5.2:a:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2012-5860

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 8 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2012-5860

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:L/AC:H/Au:N/C:N/I:C/A:N	1.9	6.9	NIST
Access Vector: Local Access Complexity: High Authentication: None Confidentiality Impact: None Integrity Impact: Complete Availability Impact: None

References for CVE-2012-5860

https://exchange.xforce.ibmcloud.com/vulnerabilities/80039

Oberthur ID-One COSMO weak security CVE-2012-5860 Vulnerability Report
http://www.kb.cert.org/vuls/id/659615

VU#659615 - Oberthur smart cards generate weak certificates
US Government Resource

Jump to

Vulnerability Details : CVE-2012-5860

Products affected by CVE-2012-5860

Exploit prediction scoring system (EPSS) score for CVE-2012-5860

CVSS scores for CVE-2012-5860

References for CVE-2012-5860