CVE-2019-3740
published 2019-09-18CVE-2019-3740: RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCHINAN
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Affected
48 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe_cert-j | <= 6.2.4 | — |
| dell | bsafe_crypto-j | < 6.2.5 | 6.2.5 |
| dell | bsafe_ssl-j | <= 6.2.4.1 | — |
| dell | rsa_bsafe_crypto-j | — | — |
| oracle | application_performance_management | — | — |
| oracle | application_performance_management | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | communications_unified_inventory_management | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | database | — | — |
| oracle | global_lifecycle_management_opatch | < 12.2.0.1.22 | 12.2.0.1.22 |
| oracle | goldengate | < 19.1.0.0.0.210420 | 19.1.0.0.0.210420 |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_assortment_planning | — | — |
| oracle | retail_integration_bus | — | — |
| oracle | retail_integration_bus | — | — |
| oracle | retail_integration_bus | — | — |