Lucene search

[email protected]CVE-2014-0636

HistoryApr 11, 2014 - 7:55 p.m.

CVE-2014-0636

2014-04-1119:55:04

CWE-310

[email protected]

web.nvd.nist.gov

cve-2014-0636

emc

rsa

bsafe

micro edition suite

mes

ssl

certificate

validation

x.509

man-in-the-middle

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.2%

JSON

EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.

Affected configurations

NVD

Node

dellbsafe_micro-edition-suiteMatch3.2.0

dellbsafe_micro-edition-suiteMatch3.2.1

dellbsafe_micro-edition-suiteMatch3.2.2

dellbsafe_micro-edition-suiteMatch3.2.3

dellbsafe_micro-edition-suiteMatch3.2.4

dellbsafe_micro-edition-suiteMatch3.2.5

dellbsafe_micro-edition-suiteMatch4.0.0

dellbsafe_micro-edition-suiteMatch4.0.1

dellbsafe_micro-edition-suiteMatch4.0.2

dellbsafe_micro-edition-suiteMatch4.0.3

dellbsafe_micro-edition-suiteMatch4.0.4

CPENameOperatorVersion
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.0
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.1
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.2
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.3
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.4
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq3.2.5
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq4.0.0
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq4.0.1
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq4.0.2
dell:bsafe_micro-edition-suitedell bsafe micro-edition-suiteeq4.0.3

CPE	Name	Operator	Version
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.0
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.1
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.2
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.3
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.4
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	3.2.5
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	4.0.0
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	4.0.1
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	4.0.2
dell:bsafe_micro-edition-suite	dell bsafe micro-edition-suite	eq	4.0.3

Rows per page:

1-10 of 111

References

archives.neohapsis.com/archives/bugtraq/2014-04/0069.html

www.securityfocus.com/bid/66791

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.2%

JSON

Related for CVE-2014-0636

securityvulns2 cvelist1 prion1 nvd1