CVE-2014-0625Dell Bsafe Ssl-j vulnerability

CWE-3993 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 35.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Dell Bsafe Ssl-jEMC RSA Bsafe Ssl-j
Timeline
PublishedFeb 18
Latest updateMay 13

Description

The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDdell/bsafe_ssl-j5.1.2, 6.0+1
NVDemc/rsa_bsafe_ssl-j4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-wq7h-4ppp-95mc: The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 52022-05-13
CVEList
CVE-2014-0625: The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 52014-02-18
CVE-2014-0625 — Dell Bsafe Ssl-j vulnerability | cvebase