Information disclosure

2019-09-3022:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON

RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CPENameOperatorVersion
bsafe_crypto-c-micro-editionge4.0
bsafe_crypto-c-micro-editionlt4.0.5.3
bsafe_micro-edition-suitege4.0.0
bsafe_micro-edition-suitelt4.0.11
bsafe_micro-edition-suitege4.1.0
bsafe_micro-edition-suitelt4.1.6.1
bsafe_micro-edition-suitege4.2.0
bsafe_micro-edition-suitelt4.3.3
rsa_bsafe_crypto-cge4.1
rsa_bsafe_crypto-clt4.1.3.3

Name	Operator	Version
bsafe_crypto-c-micro-edition	ge	4.0
bsafe_crypto-c-micro-edition	lt	4.0.5.3
bsafe_micro-edition-suite	ge	4.0.0
bsafe_micro-edition-suite	lt	4.0.11
bsafe_micro-edition-suite	ge	4.1.0
bsafe_micro-edition-suite	lt	4.1.6.1
bsafe_micro-edition-suite	ge	4.2.0
bsafe_micro-edition-suite	lt	4.3.3
rsa_bsafe_crypto-c	ge	4.1
rsa_bsafe_crypto-c	lt	4.1.3.3

References

www.dell.com/support/kbdoc/000194054