Vulnerabilities > Dell > Bsafe
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-16 | CVE-2018-15769 | RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. | 7.5 |
2018-09-14 | CVE-2018-11058 | Out-of-bounds Read vulnerability in multiple products RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. | 9.8 |
2018-08-31 | CVE-2018-11057 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. | 5.9 |
2018-08-31 | CVE-2018-11056 | Resource Exhaustion vulnerability in multiple products RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. | 6.5 |
2018-08-31 | CVE-2018-11055 | Improper Resource Shutdown or Release vulnerability in multiple products RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. | 5.5 |
2018-08-31 | CVE-2018-11054 | Integer Overflow or Wraparound vulnerability in multiple products RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. | 7.5 |
2016-09-18 | CVE-2016-0923 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used. | 7.5 |
2015-08-20 | CVE-2015-0537 | Integer Underflow (Wrap or Wraparound) vulnerability in Dell Bsafe, Bsafe Crypto-C and Bsafe Ssl-C Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292. | 9.8 |
2015-08-20 | CVE-2015-0536 | Unspecified vulnerability in Dell Bsafe and Bsafe Ssl-C EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allow remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero, a similar issue to CVE-2015-1787. | 7.5 |
2015-08-20 | CVE-2015-0535 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe and Bsafe Ssl-C EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204. | 7.5 |