EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x prior to 4.0.6 and RSA BSAFE SSL-J prior to 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle malicious users to obtain sensitive information or modify TLS session data via a "triple handshake attack."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dell bsafe micro-edition-suite 4.0.0 |
||
dell bsafe micro-edition-suite 4.0.2 |
||
dell bsafe micro-edition-suite 4.0.3 |
||
dell bsafe micro-edition-suite 4.0.4 |
||
dell bsafe micro-edition-suite 4.0.5 |
||
dell bsafe ssl-j |
||
dell bsafe micro-edition-suite 4.0.1 |