CVE-2018-11057
published 2018-08-31CVE-2018-11057: RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA…
medium5.9CVSS 3.1
AVNACHPRNUINSUCHINAN
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe | >= 4.0.0 < 4.0.11 | 4.0.11 |
| dell | bsafe | >= 4.1.0 < 4.1.6.1 | 4.1.6.1 |
| oracle | application_testing_suite | — | — |
| oracle | communications_analytics | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | goldengate_application_adapters | — | — |
| oracle | jd_edwards_enterpriseone_tools | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | timesten_in-memory_database | < 18.1.4.1.0 | 18.1.4.1.0 |
| rsa | bsafe_micro_edition_suite | >= unspecified < 4.0.11 | 4.0.11 |