Описание
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.1.4 (исключая)Версия от 4.0.0 (включая) до 4.0.13 (исключая)Версия от 4.1.0 (включая) до 4.4.0 (исключая)
Одно из
cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00241
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-310
CWE-203
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
EPSS
Процентиль: 47%
0.00241
Низкий
5.9 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-310
CWE-203