Missing Required Cryptographic Step in Dell BSAFE Products
CVE-2020-29504

7.4HIGH

Key Information:

Vendor: Dell
Status: Bsafe Crypto-c Micro Edition; Dell Bsafe Micro Edition Suite
Vendor: CVE Published:; 2 February 2024

Summary

Dell BSAFE Crypto-C Micro Edition and BSAFE Micro Edition Suite have a vulnerability due to the absence of a necessary cryptographic step in their operations. This flaw could potentially compromise the security measures intended to protect sensitive data processed by these products. Affected versions prior to 4.1.5 for Crypto-C Micro Edition and before 4.5.2 for the Micro Edition Suite are particularly susceptible, emphasizing the importance of ensuring that users apply updates to mitigate risks associated with this vulnerability. Affected users are encouraged to review security advisories and update to the latest versions to maintain optimal security.

Affected Version(s)

BSAFE Crypto-C Micro Edition 0 < 4.1.5

Dell BSAFE Micro Edition Suite 0 < 4.5.2

References

https://www.dell.com/support/kbdoc/en-us/000181115/dsa-20...

vendor-advisory

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 2, 2024
Vulnerability Reserved
Dec 3, 2020