Vulnerabilities > Dell > Bsafe SSL J > 3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2022-34381 | Unspecified vulnerability in Dell Bsafe Crypto-J and Bsafe Ssl-J Dell BSAFE SSL-J version 7.0 and all versions prior to 6.5, and Dell BSAFE Crypto-J versions prior to 6.2.6.1 contain an unmaintained third-party component vulnerability. | 9.8 |
| 2023-02-10 | CVE-2022-34364 | Exposure of Resource to Wrong Sphere vulnerability in Dell Bsafe Ssl-J Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. | 4.4 |
| 2019-09-18 | CVE-2019-3740 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3739 | Cryptographic Issues vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. | 6.5 |
| 2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |
| 2018-09-11 | CVE-2018-11069 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Bsafe Ssl-J RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. | 4.3 |
| 2018-09-11 | CVE-2018-11068 | Incomplete Cleanup vulnerability in Dell Bsafe Ssl-J RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. | 2.1 |
| 2016-04-12 | CVE-2016-0887 | Information Exposure vulnerability in Dell products EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session. | 2.6 |
| 2015-08-20 | CVE-2015-0534 | Improper Certificate Validation vulnerability in Dell Bsafe, Bsafe Ssl-C and Bsafe Ssl-J EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate's unsigned portion, a similar issue to CVE-2014-8275. | 5.0 |
| 2014-12-30 | CVE-2014-4630 | Cryptographic Issues vulnerability in Dell Bsafe Micro-Edition-Suite and Bsafe Ssl-J EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a "triple handshake attack." | 4.3 |