Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Bsafe_micro\-Edition\-Suite
(Dell)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 26 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-09-30 | CVE-2019-3732 | RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite, Rsa_bsafe_crypto\-C | 7.5 | ||
2019-09-30 | CVE-2019-3728 | RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_micro\-Edition\-Suite | 7.5 | ||
2016-04-12 | CVE-2016-0887 | EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session. | Bsafe_crypto\-C\-Micro\-Edition, Bsafe_crypto\-J, Bsafe_micro\-Edition\-Suite, Bsafe_ssl\-C, Bsafe_ssl\-J | 5.9 | ||
2014-03-25 | CVE-2014-0628 | The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | Bsafe_micro\-Edition\-Suite | N/A | ||
2014-04-11 | CVE-2014-0636 | EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain. | Bsafe_micro\-Edition\-Suite | N/A | ||
2014-12-30 | CVE-2014-4630 | EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." | Bsafe_micro\-Edition\-Suite, Bsafe_ssl\-J | N/A |