CVE-2018-11056

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
6.5MEDIUM
EPSS
2.0%
top 16.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
15
RSA Bsafe Crypto-c Micro EditionRSA Bsafe Micro Edition SuiteDell Bsafe+12 more
Timeline
PublishedAug 31
Latest updateMay 13

Description

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages15 packages

CVEListV5rsa/bsafe_micro_edition_suiteunspecified4.1.6.1
CVEListV5rsa/bsafe_crypto-c_micro_editionunspecified4.0.5.3
NVDdell/bsafe_crypto-c4.0.04.0.5.3
NVDdell/bsafe4.1.04.1.6.1

Patches

Patch: www.oracle.comPatch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-7h4p-6qh6-g2m2: RSA BSAFE Micro Edition Suite, prior to 42022-05-13
CVEList
CVE-2018-11056: RSA BSAFE Micro Edition Suite, prior to 42018-08-31