Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rsa bsafe crypto-j vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2018-11070
RSA BSAFE Crypto-J versions before 6.2.4 and RSA BSAFE SSL-J versions before 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.
Dell Bsafe Crypto-jDell Rsa Bsafe Ssl-j
5
CVSSv2
CVE-2016-8212
An issue exists in EMC RSA BSAFE Crypto-J versions before 6.2.2. There is an Improper OCSP Validation Vulnerability. OCSP responses have two time values: thisUpdate and nextUpdate. These specify a validity period; however, both values are optional. Crypto-J treats the lack of a n...
Dell Bsafe Crypto-j
4.3
CVSSv2
CVE-2016-8217
EMC RSA BSAFE Crypto-J versions before 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12 file t...
Dell Bsafe Crypto-j
2.6
CVSSv2
CVE-2016-0887
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x prior to 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x prior to 4.1.3, RSA BSAFE Crypto-J prior to 6.2.1, RSA BSAFE SSL-J prior to 6.2.1, and RSA BSAFE SSL-C prior to 2.8.9 allow remote malicious users to di...
Dell Bsafe Crypto-c-micro-editionDell Bsafe Crypto-jDell Bsafe Ssl-jDell Bsafe Micro-edition-suiteDell Bsafe Ssl-c
5
CVSSv2
CVE-2015-0534
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x prior to 4.0.8 and 4.1.x prior to 4.1.3, RSA BSAFE Crypto-J prior to 6.2, RSA BSAFE SSL-J prior to 6.2, and RSA BSAFE SSL-C 2.8.9 and previous versions do not enforce certain constraints on certificate data, which allows remote malici...
Dell BsafeDell Bsafe Ssl-cDell Bsafe Ssl-j
4.3
CVSSv2
CVE-2019-3739
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Dell Bsafe Ssl-jDell Bsafe Crypto-jDell Bsafe Cert-jOracle Retail Service Backbone 14.1Oracle Retail Integration Bus 14.1Oracle Retail Service Backbone 15.0Oracle Retail Integration Bus 15.0Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.2.1.3.0Oracle Retail Integration Bus 16.0Oracle Retail Xstore Point Of Service 17.0.3Oracle Weblogic Server 12.2.1.4.0Oracle Application Performance Management 13.3.0.0Oracle Weblogic Server 14.1.1.0.0Oracle Database 12.1.0.2Oracle Database 12.2.0.1Oracle Database 18cOracle Database 19cOracle Retail Assortment Planning 15.0.3.0Oracle Retail Predictive Application Server 14.1.3.0Oracle Retail Predictive Application Server 15.0.3.0Oracle Retail Assortment Planning 16.0.3.0
4.3
CVSSv2
CVE-2019-3738
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Dell Bsafe Ssl-jDell Bsafe Crypto-jDell Bsafe Cert-jMcafee Threat Intelligence Exchange Server 3.0.0Mcafee Threat Intelligence Exchange ServerOracle Retail Service Backbone 14.1Oracle Retail Integration Bus 14.1Oracle Retail Service Backbone 15.0Oracle Retail Integration Bus 15.0Oracle Retail Integration Bus 16.0Oracle Communications Unified Inventory Management 7.3.2Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Retail Xstore Point Of Service 17.0.3Oracle Application Performance Management 13.3.0.0Oracle Database 12.1.0.2Oracle Database 12.2.0.1Oracle Database 18cOracle Database 19cOracle Retail Assortment Planning 15.0.3.0Oracle Retail Predictive Application Server 14.1.3.0
4.3
CVSSv2
CVE-2019-3740
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Dell Bsafe Ssl-jDell Bsafe Crypto-jDell Bsafe Cert-jOracle Retail Service Backbone 14.1Oracle Retail Integration Bus 14.1Oracle Weblogic Server 12.1.3.0.0Oracle Retail Service Backbone 15.0Oracle Retail Integration Bus 15.0Oracle Weblogic Server 10.3.6.0.0Oracle Weblogic Server 12.2.1.3.0Oracle Retail Predictive Application Server 15.0Oracle Retail Integration Bus 16.0Oracle Communications Unified Inventory Management 7.3.2Oracle Communications Unified Inventory Management 7.3.4Oracle Communications Unified Inventory Management 7.3.5Oracle Communications Unified Inventory Management 7.4.0Oracle Retail Xstore Point Of Service 17.0.3Oracle Weblogic Server 12.2.1.4.0Oracle Application Performance Management 13.3.0.0Oracle Weblogic Server 14.1.1.0.0Oracle Database 12.1.0.2Oracle Database 12.2.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook