CVE-2019-3738
published 2019-09-18CVE-2019-3738: RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe_cert-j | <= 6.2.4 | — |
| dell | bsafe_crypto-j | < 6.2.5 | 6.2.5 |
| dell | bsafe_ssl-j | <= 6.2.4.1 | — |
| dell | rsa_bsafe_crypto-j | — | — |
| mcafee | threat_intelligence_exchange_server | — | — |
| mcafee | threat_intelligence_exchange_server | 2.0.0 – 2.3.1 | — |
| oracle | application_performance_management | — | — |
| oracle | application_performance_management | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | goldengate | < 19.1.0.0.0.210420 | 19.1.0.0.0.210420 |
| oracle | goldengate | — | — |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_integration_bus | — | — |