2 matches found
ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities
ESA-2014-009.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-009: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2014-009 CVE Identifier: CVE-2011-1473, CVE-2014-0625, CVE-2014-0626, CVE-2014-0627 Severity Rating: CVSS v2 Base Score: See below for individual scores...
CVE-2014-0627
Summary: CVE-2014-0627 affects EMC RSA BSAFE SSL-J (SSL-J) 5.x before 5.1.3 and 6.x before 6.0.2. The SSLEngine API can reveal information by using the wrap method after the Finished message in an incomplete handshake, potentially allowing an attacker to trigger a weak cipher suite. Impact: Infor...