Vulnerabilities > CVE-2018-11068 - Incomplete Cleanup vulnerability in Dell Bsafe Ssl-J

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

dell

CWE-459

NVD

Published: 2018-09-11

Updated: 2021-12-15

Summary

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Bsafe SSL J - Dell Bsafe SSL J 3.0 Dell Bsafe SSL J 3.0.1 Dell Bsafe SSL J 3.1 Dell Bsafe SSL J 5.1 Dell Bsafe SSL J 5.1.2 Dell Bsafe SSL J 5.1.3 Dell Bsafe SSL J 5.1.4 Dell Bsafe SSL J 6.0 Dell Bsafe SSL J 6.1 Dell Bsafe SSL J 6.1.2 Dell Bsafe SSL J 6.1.3 Dell Bsafe SSL J 6.2 Dell Bsafe SSL J 6.2.1 Dell Bsafe SSL J 6.2.2	15

Common Weakness Enumeration (CWE)

CWE-459 - Incomplete Cleanup

References

https://seclists.org/fulldisclosure/2018/Sep/7
http://www.securitytracker.com/id/1041614