Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 17/06/2014 Updated: 19/06/2014

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent malicious users to defeat cryptographic protection mechanisms by leveraging unspecified "security concerns," aka the ESA-2013-068 issue. NOTE: this issue has been SPLIT from CVE-2007-6755 because the vendor announcement did not state a specific technical rationale for a change in the algorithm; thus, CVE cannot reach a conclusion that a CVE-2007-6755 concern was the reason, or one of the reasons, for this change.

Vulnerable Product	Search on Vulmon	Subscribe to Product
emc rsa bsafe toolkits -
emc rsa data protection manager 20130918

CWE-310 http://blog.cryptographyengineering.com/2013/09/rsa-warns-developers-against-its-own.html http://threatpost.com/in-wake-of-latest-crypto-revelations-everything-is-suspect http://arstechnica.com/security/2013/09/stop-using-nsa-influence-code-in-our-product-rsa-tells-customers/http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-332655/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6078

Vulnerability Summary

References

Vulmon Search

About

Products

Connect