Observable Timing Discrepancy Vulnerability in Dell BSAFE Micro Edition Suite
CVE-2021-21575

5.9MEDIUM

Key Information:

Vendor

Dell
Status
Bsafe Micro Edition Suite
Vendor
CVE Published:
2 February 2024

What is CVE-2021-21575?

The BSAFE Micro Edition Suite by Dell exhibits an observable timing discrepancy vulnerability. This issue may allow an attacker to infer information based on the timing variations in responses, potentially compromising sensitive data. Versions prior to 4.5.2 are particularly affected, leading to risks associated with the integrity and confidentiality of sensitive applications that rely on this suite.

Affected Version(s)

BSAFE Micro Edition Suite All versions before 4.5.2

References

https://www.dell.com/support/kbdoc/en-us/000189462/dsa-20...
vendor-advisory

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.