Bsafe Security Vulnerabilities and Issues — Bsafe CVE List

Lucene search

DellBsafe

7 matches found

CVE•added 2015/08/20 10:59 a.m.•71 views

CVE-2015-0533

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-35...

7.5CVSS6.8AI score0.02137EPSS

CVE•added 2015/08/20 10:59 a.m.•54 views

CVE-2015-0534

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based cer...

7.5CVSS6.7AI score0.05359EPSS

CVE•added 2016/09/18 2:59 a.m.•54 views

CVE-2016-0923

The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server be...

7.5CVSS7.4AI score0.00578EPSS

CVE•added 2015/08/20 10:59 a.m.•53 views

CVE-2015-0535

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, relat...

7.5CVSS6.4AI score0.88519EPSS

CVE•added 2018/11/16 9:29 p.m.•49 views

CVE-2018-15769

RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value i...

7.5CVSS8.3AI score0.01571EPSS

CVE•added 2015/08/20 10:59 a.m.•48 views

CVE-2015-0536

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange mes...

7.5CVSS7.4AI score0.10307EPSS

CVE•added 2018/08/31 6:29 p.m.•45 views

CVE-2018-11054

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

7.5CVSS8.4AI score0.0235EPSS