Overview
- Description
- RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
- Source
- security_alert@emc.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 3.0
- Type
- Secondary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "095AE520-E38F-4846-94D5-646C27F7DC72",
"versionEndExcluding": "4.0.5.3",
"versionStartIncluding": "4.0"
},
{
"criteria": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D325BF2-2A0A-4E44-A486-A5EC94483411",
"versionEndExcluding": "4.0.11",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85B59096-FD21-4428-A3B5-7B053771A6BD",
"versionEndExcluding": "4.1.6.1",
"versionStartIncluding": "4.1.0"
},
{
"criteria": "cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1889D863-AE63-4711-B6F1-54EBFCB1CCCF",
"versionEndExcluding": "4.3.3",
"versionStartIncluding": "4.2.0"
},
{
"criteria": "cpe:2.3:a:emc:rsa_bsafe_crypto-c:*:*:*:*:micro_edition:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C16AC74B-F5CE-496A-9F17-D66FB278659A",
"versionEndExcluding": "4.1.3.3",
"versionStartIncluding": "4.1"
}
],
"operator": "OR"
}
]
}
]