Vulnerabilities > CVE-2019-3733 - Incomplete Cleanup vulnerability in multiple products

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

dell

emc

CWE-459

NVD

Published: 2019-09-30

Updated: 2022-04-12

Summary

RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Vulnerable Configurations

Part	Description	Count
Application	Dell Dell Bsafe Crypto C Micro Edition 4.1 Dell Bsafe Crypto C Micro Edition 4.1.0 Dell Bsafe Crypto C Micro Edition 4.1.1 Dell Bsafe Crypto C Micro Edition 4.1.2 Dell Bsafe Crypto C Micro Edition 4.1.3 Dell Bsafe Crypto C Micro Edition 4.1.3.1 Dell Bsafe Crypto C Micro Edition 4.1.3.2 Dell Bsafe Crypto C Micro Edition 4.1.3.3	8
Application	Emc EMC RSA Bsafe Crypto C 4.0 EMC RSA Bsafe Crypto C 4.0.0 EMC RSA Bsafe Crypto C 4.0.4 EMC RSA Bsafe Crypto C 4.0.5 EMC RSA Bsafe Crypto C 4.0.5.3	10

Common Weakness Enumeration (CWE)

CWE-459 - Incomplete Cleanup

References

https://www.dell.com/support/kbdoc/000194054