2 matches found
ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability EMC Identifier: ESA-2014-158 CVE Identifier: CVE-2014-4630 Severity Rating: CVSS v2 Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Products: RSA BSAFE Micro...
CVE-2014-4630
The CVE-2014-4630 vulnerability affects EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4, where the server’s X.509 certificate is not consistently verified during renegotiation, enabling a triple-handshake MITM attack to access or modify TLS session data...