CVE-2019-3731

CWE-310 CWE-2033 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 52.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell RSA Bsafe Crypto-c Micro Edition Dell RSA Bsafe MES Dell Bsafe Crypto-c-micro-edition +1 more

Timeline

PublishedSep 30

Latest updateMay 24

Description

RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶NVDdell/bsafe_micro-edition-suite4.0.0 — 4.0.13+1

▶NVDdell/bsafe_crypto-c-micro-edition< 4.1.4

▶CVEListV5dell/rsa_bsafe_crypto-c_micro_editionunspecified — 4.1.4

▶CVEListV5dell/rsa_bsafe_mesunspecified — 4.4

🔴Vulnerability Details

GHSA

GHSA-3543-6fm3-c53p: RSA BSAFE Crypto-C Micro Edition versions prior to 4↗2022-05-24

▶

CVEList

CVE-2019-3731: RSA BSAFE Crypto-C Micro Edition versions prior to 4↗2019-09-30

▶