Vulnerabilities > Dell > Bsafe Crypto C Micro Edition

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2020-35168 Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
network
low complexity
dell oracle
critical
9.8
2022-07-11 CVE-2020-35169 Improper Input Validation vulnerability in multiple products
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.
network
low complexity
dell oracle CWE-20
critical
9.8
2019-09-30 CVE-2019-3733 Incomplete Cleanup vulnerability in multiple products
RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'.
network
low complexity
emc dell CWE-459
4.9
2019-09-30 CVE-2019-3732 Information Exposure Through Discrepancy vulnerability in multiple products
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy.
network
low complexity
emc dell CWE-203
7.5
2019-09-30 CVE-2019-3731 Information Exposure Through Discrepancy vulnerability in Dell products
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy.
network
low complexity
dell CWE-203
7.5
2019-09-30 CVE-2019-3728 Out-of-bounds Read vulnerability in Dell products
RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature.
network
low complexity
dell CWE-125
7.5
2016-04-12 CVE-2016-0887 Information Exposure vulnerability in Dell products
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.
network
high complexity
dell CWE-200
5.9