CVE Vulnerabilities

CVE-2024-35311

Insecure Storage of Sensitive Information

Published: May 29, 2024 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access Control.

Weakness

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References