CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2019-3728
https://notcve.org/view.php?id=CVE-2019-3728
30 Sep 2019 — RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system. RSA BSAFE Crypto-C Micro Edition versiones anteriores a 4.0.5.4 (en versiones 4.0.x) y 4.1.4 (en versi... • https://www.dell.com/support/kbdoc/000194054 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2016-0887 – RSA BSAFE Lenstra's Attack
https://notcve.org/view.php?id=CVE-2016-0887
11 Apr 2016 — EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session. EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x y 4.1.x en versiones anteriores a ... • http://packetstormsecurity.com/files/136656/RSA-BSAFE-Lenstras-Attack.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2014-4630 – RSA BSAFE Micro Edition Suite / SSL-J Triple Handshake
https://notcve.org/view.php?id=CVE-2014-4630
30 Dec 2014 — EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x anterior a 4.0.6 y RSA BSAFE SSL-J anterior a 6.1.4 no asegura que el certificado de servidor X.509 sea el mismo durante la rene... • http://archives.neohapsis.com/archives/bugtraq/2014-12/0169.html • CWE-310: Cryptographic Issues •
CVSS: 5.9EPSS: 0%CPEs: 11EXPL: 0CVE-2014-0636 – RSA BSAFE Micro Edition Suite Certificate Chain Processing
https://notcve.org/view.php?id=CVE-2014-0636
11 Apr 2014 — EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain. EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x anterior a 3.2.6 y 4.0.x anterior a 4.0.5 no valida debidamente cadenas de certificados X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de una cadena de certificados manipulada. RSA BSAFE MES 3.2.6... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0069.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-0628 – RSA BSAFE Micro Edition Suite (MES) 4.0.x Denial of Service
https://notcve.org/view.php?id=CVE-2014-0628
24 Mar 2014 — The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. El servidor en EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x anterior a 4.0.5 no procesa debidamente cadenas de certificados, lo que permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados. RSA BSAFE MES 4.0.5 contains fix for a se... • http://archives.neohapsis.com/archives/bugtraq/2014-03/0130.html • CWE-20: Improper Input Validation •