Skip to main content

Bsafe Ssl J

14 CVEs product

Monthly

CVE-2024-29172 MEDIUM This Month

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Denial Of Service Bsafe Ssl J
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-29171 MEDIUM This Month

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
5.9
EPSS
0.1%
CVE-2022-24409 HIGH This Week

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-3740 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +14
NVD
CVSS 3.1
6.5
EPSS
3.8%
CVE-2019-3739 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Application Performance Management +12
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2019-3738 MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J Bsafe Ssl J Threat Intelligence Exchange Server +12
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2018-11069 MEDIUM This Month

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2018-11068 MEDIUM This Month

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Ssl J
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2016-0887 MEDIUM This Month

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bsafe Crypto C Micro Edition Bsafe Crypto J Bsafe Micro Edition Suite Bsafe Ssl C +1
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2015-0534 HIGH This Week

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Bsafe Ssl C Bsafe Ssl J
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2014-4630 MEDIUM This Month

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Bsafe Micro Edition Suite Bsafe Ssl J
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0627 MEDIUM This Month

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Ssl J Rsa Bsafe Ssl J
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-0626 MEDIUM This Month

The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Bsafe Ssl J Rsa Bsafe Ssl J
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-0625 MEDIUM This Month

The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bsafe Ssl J Rsa Bsafe Ssl J
NVD
CVSS 2.0
5.0
EPSS
0.5%
EPSS 0% CVSS 5.9
MEDIUM This Month

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Denial Of Service Bsafe Ssl J
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verification vulnerability. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Dell BSAFE SSL-J contains remediation for a covert timing channel vulnerability that may be exploited by malicious users to compromise the affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Dell Information Disclosure Bsafe Ssl J
NVD
EPSS 4% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +16
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Bsafe Cert J Bsafe Crypto J +14
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bsafe Ssl J
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Ssl J
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Bsafe Crypto C Micro Edition Bsafe Crypto J +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Bsafe Ssl C +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Bsafe Micro Edition Suite Bsafe Ssl J
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bsafe Ssl J Rsa Bsafe Ssl J
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Bsafe Ssl J Rsa Bsafe Ssl J
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bsafe Ssl J Rsa Bsafe Ssl J
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy