Heap Inspection Vulnerability in RSA BSAFE SSL-J Software
CVE-2018-11068

3.9LOW

Key Information:

Vendor: Dell
Status: Rsa Bsafe Ssl-j
Vendor: CVE Published:; 11 September 2018

Summary

The RSA BSAFE SSL-J software is affected by a Heap Inspection vulnerability, which enables attackers with physical access to the system to potentially extract sensitive key material. This poses significant risks to data integrity and confidentiality, highlighting the importance of securing access to systems utilizing this software version.

Affected Version(s)

RSA BSAFE SSL-J < 6.2.4

References

http://www.securitytracker.com/id/1041614

vdb-entryx_refsource_SECTRACK

https://seclists.org/fulldisclosure/2018/Sep/7

mailing-listx_refsource_FULLDISC

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2018
Vulnerability Reserved
May 14, 2018