CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
35.9%
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server’s X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a “triple handshake attack.”
Vendor | Product | Version | CPE |
---|---|---|---|
dell | bsafe_micro-edition-suite | 4.0.0 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.0:*:*:*:*:*:*:* |
dell | bsafe_micro-edition-suite | 4.0.1 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.1:*:*:*:*:*:*:* |
dell | bsafe_micro-edition-suite | 4.0.2 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.2:*:*:*:*:*:*:* |
dell | bsafe_micro-edition-suite | 4.0.3 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.3:*:*:*:*:*:*:* |
dell | bsafe_micro-edition-suite | 4.0.4 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.4:*:*:*:*:*:*:* |
dell | bsafe_micro-edition-suite | 4.0.5 | cpe:2.3:a:dell:bsafe_micro-edition-suite:4.0.5:*:*:*:*:*:*:* |
dell | bsafe_ssl-j | * | cpe:2.3:a:dell:bsafe_ssl-j:*:*:*:*:*:*:*:* |