Vendor scorecard
Thales SafeNet
Thales SafeNet security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: gemalto
Product families
1
Open in latest
2
Inferred — see methodology
Last disclosure
Feb 27, 2024
01
Product categories
1 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| SafeNet Authentication / Luna HSMIdentity & Access Managementsafenet_authentication_service, safenet_authentication_client, sentinel_ldk | 0 | 2 | 7.92LOW |
02
Recent CVEs
4 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2023-7016(opens NVD record) | High | 7.8 | A flaw in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to execute code at a SYSTEM level via local access. | Feb 27, 2024 |
| CVE-2023-5993(opens NVD record) | High | 7.8 | A flaw in the Windows Installer in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to escalate their privilege level via local access. | Feb 27, 2024 |
| CVE-2023-2737(opens NVD record) | Medium | 5.7 | Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation. | Aug 16, 2023 |
| CVE-2021-42056(opens NVD record) | Medium | 6.7 | Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges. | Jun 24, 2022 |
0 CVEs · 1 product families