Information Exposure Risk in RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite
CVE-2019-3732

5.9MEDIUM

Key Information:

Vendor: Dell
Status: Rsa Bsafe Crypto-c Micro Edition; Rsa Bsafe Mes
Vendor: CVE Published:; 30 September 2019

Summary

RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite are susceptible to an information exposure vulnerability due to a timing discrepancy. This flaw allows malicious remote users to exploit the vulnerability and potentially extract sensitive information, thus putting critical data at risk. Users of these affected versions should prioritize patching to mitigate this risk.

Affected Version(s)

RSA BSAFE Crypto-C Micro Edition < 4.1.4

RSA BSAFE MES < 4.4

References

https://www.dell.com/support/kbdoc/000194054

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 30, 2019
Vulnerability Reserved
Jan 3, 2019