Dell Rsa Bsafe Mes vulnerabilities

5 known vulnerabilities affecting dell/rsa_bsafe_mes.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH3MEDIUM1LOW1

Vulnerabilities

Page 1 of 1

CVE-2019-3731HIGHCVSS 7.5≥ unspecified, < 4.42019-09-30

CVE-2019-3731 [HIGH] CWE-310 CVE-2019-3731: RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CVE-2019-3732HIGHCVSS 7.5≥ unspecified, < 4.42019-09-30

CVE-2019-3732 [HIGH] CWE-385 CVE-2019-3732: RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user

CVE-2019-3730HIGHCVSS 7.5≥ unspecified, < 4.42019-09-30

CVE-2019-3730 [HIGH] CWE-649 CVE-2019-3730: RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4. RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk

CVE-2019-3733MEDIUMCVSS 4.9≥ unspecified, < 4.42019-09-30

CVE-2019-3733 [MEDIUM] CWE-316 CVE-2019-3733: RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CVE-2019-3729LOWCVSS 2.4≥ unspecified, < 4.42019-09-30

CVE-2019-3729 [LOW] CWE-121 CVE-2019-3729: RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerabl RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system.