CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2016-0887 – RSA BSAFE Lenstra's Attack
https://notcve.org/view.php?id=CVE-2016-0887
11 Apr 2016 — EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session. EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x y 4.1.x en versiones anteriores a ... • http://packetstormsecurity.com/files/136656/RSA-BSAFE-Lenstras-Attack.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0CVE-2014-4630 – RSA BSAFE Micro Edition Suite / SSL-J Triple Handshake
https://notcve.org/view.php?id=CVE-2014-4630
30 Dec 2014 — EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x anterior a 4.0.6 y RSA BSAFE SSL-J anterior a 6.1.4 no asegura que el certificado de servidor X.509 sea el mismo durante la rene... • http://archives.neohapsis.com/archives/bugtraq/2014-12/0169.html • CWE-310: Cryptographic Issues •
CVSS: 5.9EPSS: 0%CPEs: 11EXPL: 0CVE-2014-0636 – RSA BSAFE Micro Edition Suite Certificate Chain Processing
https://notcve.org/view.php?id=CVE-2014-0636
11 Apr 2014 — EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain. EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x anterior a 3.2.6 y 4.0.x anterior a 4.0.5 no valida debidamente cadenas de certificados X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de una cadena de certificados manipulada. RSA BSAFE MES 3.2.6... • http://archives.neohapsis.com/archives/bugtraq/2014-04/0069.html • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-0628 – RSA BSAFE Micro Edition Suite (MES) 4.0.x Denial of Service
https://notcve.org/view.php?id=CVE-2014-0628
24 Mar 2014 — The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly process certificate chains, which allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. El servidor en EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x anterior a 4.0.5 no procesa debidamente cadenas de certificados, lo que permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados. RSA BSAFE MES 4.0.5 contains fix for a se... • http://archives.neohapsis.com/archives/bugtraq/2014-03/0130.html • CWE-20: Improper Input Validation •