Code injection

2014-04-1119:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.2%

JSON

EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.

CPENameOperatorVersion
bsafe_micro-edition-suiteeq3.2.0
bsafe_micro-edition-suiteeq3.2.1
bsafe_micro-edition-suiteeq3.2.2
bsafe_micro-edition-suiteeq3.2.3
bsafe_micro-edition-suiteeq3.2.4
bsafe_micro-edition-suiteeq3.2.5
bsafe_micro-edition-suiteeq4.0.0
bsafe_micro-edition-suiteeq4.0.1
bsafe_micro-edition-suiteeq4.0.2
bsafe_micro-edition-suiteeq4.0.3

Name	Operator	Version
bsafe_micro-edition-suite	eq	3.2.0
bsafe_micro-edition-suite	eq	3.2.1
bsafe_micro-edition-suite	eq	3.2.2
bsafe_micro-edition-suite	eq	3.2.3
bsafe_micro-edition-suite	eq	3.2.4
bsafe_micro-edition-suite	eq	3.2.5
bsafe_micro-edition-suite	eq	4.0.0
bsafe_micro-edition-suite	eq	4.0.1
bsafe_micro-edition-suite	eq	4.0.2
bsafe_micro-edition-suite	eq	4.0.3