CVE-2018-15769
published 2018-11-16CVE-2018-15769: RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client, and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe | >= 4.0.0 < 4.0.11 | 4.0.11 |
| dell | bsafe | >= 4.1.0 < 4.1.6.2 | 4.1.6.2 |
| oracle | application_testing_suite | — | — |
| oracle | communications_analytics | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | goldengate_application_adapters | — | — |
| oracle | jd_edwards_enterpriseone_tools | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | timesten_in-memory_database | < 18.1.4.1.0 | 18.1.4.1.0 |