Improper OCSP Validation in RSA BSAFE Crypto-J by EMC
CVE-2016-8212
7.5 HIGH
What is CVE-2016-8212?
An improper OCSP validation vulnerability exists in EMC's RSA BSAFE Crypto-J. In affected versions, the library incorrectly treats an OCSP response that has no nextUpdate field as valid for an indefinite period. Because expiration constraints are then ignored, this flaw could potentially allow unauthorized access, and it undermines the efficacy of OCSP for certificate status verification. Users are urged to update to version 6.2.2 or later to mitigate this security risk.
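The freshness check at issue, sketched as an added example (not RSA BSAFE Crypto-J code and not from the vendor): the flawed pattern beside a hardened one that caps the age of a response lacking nextUpdate. The class and method names, the 5-minute skew and the 24-hour cap are assumptions chosen for illustration.

```java
import java.time.Duration;
import java.time.Instant;

// Added illustration; not RSA BSAFE Crypto-J code. All names are hypothetical.
public class OcspFreshness {
    // Local policy values (assumptions, tune per deployment).
    static final Duration CLOCK_SKEW = Duration.ofMinutes(5);
    static final Duration MAX_AGE_WITHOUT_NEXT_UPDATE = Duration.ofHours(24);

    // Flawed pattern described in the advisory: a null nextUpdate skips the
    // expiry test entirely, so the response is accepted forever.
    static boolean isFreshFlawed(Instant thisUpdate, Instant nextUpdate, Instant now) {
        return nextUpdate == null || !now.isAfter(nextUpdate);
    }

    // Hardened check: a missing nextUpdate means "newer status is always
    // available" (RFC 6960, 4.2.2.1), so the response age is capped locally.
    static boolean isFresh(Instant thisUpdate, Instant nextUpdate, Instant now) {
        if (thisUpdate == null || thisUpdate.isAfter(now.plus(CLOCK_SKEW))) {
            return false; // missing or future-dated thisUpdate
        }
        if (nextUpdate == null) {
            return !now.isAfter(thisUpdate.plus(MAX_AGE_WITHOUT_NEXT_UPDATE));
        }
        if (nextUpdate.isBefore(thisUpdate)) {
            return false; // malformed validity interval
        }
        return !now.isAfter(nextUpdate.plus(CLOCK_SKEW));
    }

    public static void main(String[] args) {
        // Constructed sample timestamps, not taken from any real responder.
        Instant now = Instant.parse("2017-02-01T12:00:00Z");
        Instant recent = Instant.parse("2017-02-01T09:00:00Z");
        Instant yearOld = Instant.parse("2016-02-01T09:00:00Z");
        Instant expired = Instant.parse("2017-01-31T09:00:00Z");

        // Year-old response with no nextUpdate: compare the two checks.
        System.out.println("old, no nextUpdate  flawed=" + isFreshFlawed(yearOld, null, now)
                + " hardened=" + isFresh(yearOld, null, now));
        // Recent response with no nextUpdate, evaluated against the local cap.
        System.out.println("new, no nextUpdate  hardened=" + isFresh(recent, null, now));
        // Response whose nextUpdate has already passed.
        System.out.println("past nextUpdate     hardened=" + isFresh(yearOld, expired, now));
    }
}
```

Applications that cache OCSP responses can apply the same cap at cache-read time, so a stored response without nextUpdate is re-fetched once it exceeds the local maximum age.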
Affected Version(s)
RSA BSAFE Crypto-J: versions prior to 6.2.2