CVE-2014-0636Dell Bsafe Micro-edition-suite vulnerability

CWE-3103 documents3 sources
Severity
5.8MEDIUMNVD
EPSS
0.1%
top 66.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Dell Bsafe Micro-edition-suite
Timeline
PublishedApr 11
Latest updateMay 13

Description

EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDdell/bsafe_micro-edition-suite11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-w9vh-ww93-6g87: EMC RSA BSAFE Micro Edition Suite (MES) 32022-05-13
CVEList
CVE-2014-0636: EMC RSA BSAFE Micro Edition Suite (MES) 32014-04-11
CVE-2014-0636 — Dell vulnerability | cvebase