CVE-2019-3739
published 2019-09-18CVE-2019-3739: RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Affected
40 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe_cert-j | <= 6.2.4 | — |
| dell | bsafe_crypto-j | < 6.2.5 | 6.2.5 |
| dell | bsafe_ssl-j | <= 6.2.4.1 | — |
| dell | rsa_bsafe_crypto-j | — | — |
| oracle | application_performance_management | — | — |
| oracle | application_performance_management | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | goldengate | < 19.1.0.0.0.210420 | 19.1.0.0.0.210420 |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_integration_bus | — | — |
| oracle | retail_integration_bus | — | — |
| oracle | retail_integration_bus | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_service_backbone | — | — |
| oracle | retail_service_backbone | — | — |
| oracle | retail_service_backbone | — | — |