Cryptographic Algorithm Flaw in EMC RSA BSAFE-C Toolkits
CVE-2014-4191

Currently unrated

Key Information:

Vendor: Dell
Status: Bsafe Share
Vendor: CVE Published:; 17 June 2014

Summary

The TLS implementation in EMC RSA BSAFE-C Toolkits has a vulnerability related to the Dual_EC_DRBG algorithm, which generates a long sequence of random bytes. This flaw can potentially allow remote attackers to retrieve plaintext data from TLS sessions by exploiting the algorithm's inner state. This poses serious risks to data confidentiality and integrity, making it crucial for users and organizations to address this issue by patching the affected libraries or transitioning to more secure alternatives.

References

http://dualec.org/DualECTLS.pdf

x_refsource_MISC

http://dualec.org/

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 17, 2014