Heap-based Buffer Overflow in RSA BSAFE Micro Edition Suite by RSA Security
CVE-2019-3729

2.4LOW

Key Information:

Vendor: Dell
Status: Rsa Bsafe Mes
Vendor: CVE Published:; 30 September 2019

Summary

The RSA BSAFE Micro Edition Suite versions prior to 4.4 are susceptible to a heap-based buffer overflow vulnerability when processing ECDSA signatures. This flaw permits malicious users with adjacent network access to potentially exploit it, leading to unexpected crashes in the library of the affected system. It is crucial for organizations utilizing this software to assess their environments and apply necessary updates to mitigate risks associated with this vulnerability.

Affected Version(s)

RSA BSAFE MES < 4.4

References

https://www.dell.com/support/kbdoc/000194054

x_refsource_MISC

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2019
Vulnerability Reserved
Jan 3, 2019