Описание
RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.0.0 (включая) до 4.0.13 (исключая)Версия от 4.1.0 (включая) до 4.4.0 (исключая)
Одно из
cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00116
Низкий
2.4 Low
CVSS3
2.4 Low
CVSS3
2.7 Low
CVSS2
Дефекты
CWE-121
CWE-787
Связанные уязвимости
CVSS3: 2.4
github
больше 3 лет назад
RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system.
EPSS
Процентиль: 31%
0.00116
Низкий
2.4 Low
CVSS3
2.4 Low
CVSS3
2.7 Low
CVSS2
Дефекты
CWE-121
CWE-787