CVE-2019-3730
CVE-2019-3730 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x) are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information, leaving data at risk of exposure. EPSS estimates a 0.64% chance of exploitation in the next 30 days.
Description
RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x) are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information, leaving data at risk of exposure.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Bsafe Micro-Edition-Suite | >= 4.1.0, < 4.1.6.3 |
| Dell | Bsafe Micro-Edition-Suite | >= 4.2.0, < 4.4.0 |
References
- https://www.dell.com/support/kbdoc/000194054 (Vendor Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
