CVE-2016-0923

Severity: 7.5 HIGH
EPSS: 0.6% (top 31.14%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 18; Latest update May 13

Description

The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (1 package)

NVD | dell/bsafe | 4.0.0 | 4.0.9 | +1

Vulnerability Details (2)

GHSA | GHSA-hjxp-4c3x-wqgm: The client in EMC RSA BSAFE Micro Edition Suite (MES) 4 | 2022-05-13
CVEList | CVE-2016-0923: The client in EMC RSA BSAFE Micro Edition Suite (MES) 4 | 2016-09-18
CVE-2016-0923 (HIGH CVSS 7.5) | The client in EMC RSA BSAFE Micro E | cvebase.io