ID CVE-2018-15769
Summary RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in the 4.0.x series) and versions prior to 4.1.6.2 (in the 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a denial of service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.
References
Vulnerable Configurations
  • EMC RSA BSAFE Micro Edition Suite 4.0.0
    cpe:2.3:a:emc:rsa_bsafe:4.0.0:-:-:-:micro_edition_suite
  • EMC RSA BSAFE Micro Edition Suite 4.0.1
    cpe:2.3:a:emc:rsa_bsafe:4.0.1:-:-:-:micro_edition_suite
  • EMC RSA BSAFE Micro Edition Suite 4.0.2
    cpe:2.3:a:emc:rsa_bsafe:4.0.2:-:-:-:micro_edition_suite
  • EMC RSA BSAFE Micro Edition Suite 4.0.3
    cpe:2.3:a:emc:rsa_bsafe:4.0.3:-:-:-:micro_edition_suite
  • EMC RSA BSAFE Micro Edition Suite 4.0.4
    cpe:2.3:a:emc:rsa_bsafe:4.0.4:-:-:-:micro_edition_suite
  • EMC RSA BSAFE Micro Edition Suite 4.0.5
    cpe:2.3:a:emc:rsa_bsafe:4.0.5:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.0.5.3 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.0.5.3:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.0.7 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.0.7:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.0.8 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.0.8:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.0.9 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.0.9:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.0.10 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.0.10:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.0:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.0.1 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.0.1:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.1 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.1:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.2 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.2:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.3 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.3:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.4 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.4:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.5 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.5:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.6 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.6:-:-:-:micro_edition_suite
  • EMC RSA BSAFE 4.1.6.1 Micro Edition Suite
    cpe:2.3:a:emc:rsa_bsafe:4.1.6.1:-:-:-:micro_edition_suite
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-320
CAPEC
refmap via4
bid 105929
fulldisc 20181112 DSA-2018-198: RSA BSAFE Micro Edition Suite Key Management Error Vulnerability
sectrack 1042057
Last major update 16-11-2018 - 16:29
Published 16-11-2018 - 16:29
Last modified 23-07-2019 - 19:15