Lucene search
HistoryJun 17, 2014 - 3:55 p.m.
CVE-2014-4193
emc rsa bsafe-java toolkits
extended random
tls implementation
cve-2014-4193
nvd
9 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.8%
The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for Java) supports the Extended Random extension during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by requesting long nonces from a server, a different issue than CVE-2007-6755.
Affected configurations
Node
dellbsafe_shareMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| dell:bsafe_share | dell bsafe share | eq | - |
Related
nvd
nvd
prion
prion
Code injection
2014-06-17 15:55:00
Design/Logic Flaw
2013-10-11 22:55:00
Code injection
2014-06-17 15:55:00
cvelist
cvelist
debiancve
debiancve
CVE-2007-6755
2013-10-11 22:55:33
ubuntucve
ubuntucve
CVE-2007-6755
2013-10-11 00:00:00
cve
cve
cert
cert
Dual_EC_DRBG output using untrusted curve constants may be predictable
2013-11-07 00:00:00
avleonov
avleonov
9 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.006 Low
EPSS
Percentile
78.8%
Related for CVE-2014-4193