CVE-2019-3733

CWE-316 CWE-4593 documents3 sources

Severity

4.9MEDIUM

EPSS

0.1%

top 84.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell RSA Bsafe Crypto-c Micro Edition Dell RSA Bsafe MES Dell Bsafe Crypto-c-micro-edition +1 more

Timeline

PublishedSep 30

Latest updateMay 24

Description

RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages4 packages

▶NVDdell/bsafe_crypto-c-micro-edition4.1 — 4.1.4

▶CVEListV5dell/rsa_bsafe_crypto-c_micro_editionunspecified — 4.1.4

▶NVDemc/rsa_bsafe_crypto-c4.0 — 4.0.5.3

▶CVEListV5dell/rsa_bsafe_mesunspecified — 4.4

🔴Vulnerability Details

GHSA

GHSA-mg7p-v7g7-h925: RSA BSAFE Crypto-C Micro Edition, all versions prior to 4↗2022-05-24

▶

CVEList

CVE-2019-3733: RSA BSAFE Crypto-C Micro Edition, all versions prior to 4↗2019-09-30

▶