The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x prior to 5.1.3 and 6.x prior to 6.0.2 allows remote malicious users to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
emc rsa bsafe ssl-j 5.1.0 |
||
emc rsa bsafe ssl-j 5.1.1 |
||
dell bsafe ssl-j 5.1.2 |
||
dell bsafe ssl-j 6.0 |
||
emc rsa bsafe ssl-j 5.0 |
||
emc rsa bsafe ssl-j 6.0.1 |