Lucene search
K
DellBsafe

12 matches found

CVE
CVE
added 2018/09/14 8:0 p.m.108 views

CVE-2018-11058

CVE-2018-11058 affects RSA BSAFE Micro Edition Suite (4.0.x before 4.0.11; 4.1.x before 4.1.6) and RSA BSAFE Crypto-C Micro Edition (4.0.x before 4.0.5.3). The issue is a buffer over-read when parsing ASN.1 data, exploitable by remotely crafted ASN.1 input. Connected Nessus entries (e.g., Oracle ...

9.8CVSS9.1AI score0.04012EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.89 views

CVE-2015-0533

CVE-2015-0533 concerns EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x prior to 4.0.8 and 4.1.x prior to 4.1.3, and RSA BSAFE SSL-C 2.8.9 and earlier. It allows remote SSL servers to perform an ECDHE-to-ECDH downgrade by omitting the ServerKeyExchange message, potentially harming forward secrecy. T...

7.5CVSS6.8AI score0.00801EPSS
CVE
CVE
added 2016/09/18 1:0 a.m.85 views

CVE-2016-0923

CVE-2016-0923 affects the EMC RSA BSAFE Micro Edition Suite (MES) client. The vulnerability is that MES 4.0.x (before 4.0.9) and 4.1.x (before 4.1.5) places the weakest signature algorithms first in the signature-algorithm list sent to the server, enabling a remote attacker to defeat cryptographi...

7.5CVSS7.4AI score0.01603EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.79 views

CVE-2015-0537

CVE-2015-0537 concerns an integer underflow in the base64-decoding path of EMC RSA BSAFE MES, RSA BSAFE Crypto-C ME, and RSA BSAFE SSL-C. The issue can trigger memory corruption or a segmentation fault, enabling denial of service or potentially other impact via crafted base64 data. Affected produ...

9.8CVSS7.5AI score0.02644EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.77 views

CVE-2015-0534

CVE-2015-0534 affects multiple EMC RSA BSAFE products where certificate data in the unsigned portion can bypass a fingerprint-based blacklist, allowing remote attackers to defeat the protection mechanism. The initial entry lists affected components: MES 4.0.x (before 4.0.8) and 4.1.x (before 4.1....

7.5CVSS6.7AI score0.01413EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.69 views

CVE-2015-0535

Technical details about CVE-2015-0535 are not provided in the connected documents. Public information that is present covers FREAK generally and related CVEs, but does not specify affected products, versions, or fixes for this exact CVE. Monitor for updates.

7.5CVSS6.4AI score0.0106EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.64 views

CVE-2018-11055

RSA BSAFE Micro Edition Suite (MES) contains an Improper Clearing of Heap Memory Before Release vulnerability in MES versions 4.0.x before 4.0.11 and 4.1.x before 4.1.6.1. Decoded PKCS#12 data in heap memory is not zeroized before memory release, enabling a local attacker to access previously dec...

5.5CVSS6.9AI score0.00426EPSS
CVE
CVE
added 2018/11/16 9:0 p.m.64 views

CVE-2018-15769

CVE-2018-15769 affects RSA BSAFE Micro Edition Suite: versions before 4.0.11 (4.0.x) and before 4.1.6.2 (4.1.x). The issue is a key management flaw that can allow a TLS server using Ephemeral/Anonymous Diffie-Hellman (DHE/ADH) ciphers to cause a Denial-of-Service on TLS clients during the handsha...

7.5CVSS8.3AI score0.0265EPSS
CVE
CVE
added 2015/08/20 10:0 a.m.62 views

CVE-2015-0536

EMC RSA BSAFE MES 4.0.x (before 4.0.8) and 4.1.x (before 4.1.3) and RSA BSAFE SSL-C 2.8.9 and earlier are affected when client authentication and an ephemeral DH ciphersuite are enabled. A ClientKeyExchange message with length zero can cause a denial of service (daemon crash). The vulnerability i...

7.5CVSS7.4AI score0.02003EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.62 views

CVE-2018-11056

The CVE describes a DoS risk in Dell EMC RSA BSAFE Micro Edition Suite (MES) before 4.1.6.1 (4.1.x line) and RSA BSAFE Crypto-C Micro Edition before 4.0.5.3 (4.0.x line). The vulnerability is an Uncontrolled Resource Consumption (Resource Exhaustion) when parsing ASN.1 data, allowing a remote att...

6.5CVSS7.6AI score0.01869EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.59 views

CVE-2018-11054

CVE-2018-11054 affects RSA BSAFE Micro Edition Suite (MES) 4.1.6. An integer overflow vulnerability exists in the MES ASN.1 processing, allowing a remote attacker to trigger a Denial of Service by sending maliciously constructed ASN.1 data. The provided documents confirm the vulnerability details...

7.5CVSS8.4AI score0.03235EPSS
CVE
CVE
added 2018/08/31 6:0 p.m.56 views

CVE-2018-11057

CVE-2018-11057 affects Dell EMC RSA BSAFE Micro Edition Suite (MES) versions before 4.0.11 (in 4.0.x) and before 4.1.6.1 (in 4.1.x). The vulnerability is a covert timing channel during RSA decryption, i.e., Bleichenbacher-style timing leakage, enabling a remote attacker to recover an RSA key. The...

5.9CVSS7.2AI score0.01666EPSS