CVE-2019-3732
Last modified
CVE-2019-3732 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x), versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x), are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information, leaving data at risk of exposure. EPSS estimates a 1.42% chance of exploitation in the next 30 days.
Description
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x), versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x), are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information, leaving data at risk of exposure.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dell | Bsafe Crypto-C-Micro-Edition | >= 4.0, < 4.0.5.3 |
| Dell | Bsafe Micro-Edition-Suite | >= 4.0.0, < 4.0.11 |
| Dell | Bsafe Micro-Edition-Suite | >= 4.1.0, < 4.1.6.1 |
| Dell | Bsafe Micro-Edition-Suite | >= 4.2.0, < 4.3.3 |
| Emc | Rsa Bsafe Crypto-C | >= 4.1, < 4.1.3.3 |
References
- https://www.dell.com/support/kbdoc/000194054 (Vendor Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
