CVE-2019-3730

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Rsa Bsafe Mes
Vendor: CVE Published:; 30 September 2019

Summary

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Affected Version(s)

RSA BSAFE MES < 4.4

References

https://www.dell.com/support/kbdoc/000194054

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2019
Vulnerability Reserved
Jan 3, 2019