CVE-2018-11070

Summary

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

Affected Software

VendorProductVersion RangeStatus
Dell EMCRSA BSAFE Crypto-Junspecified < 6.2.4affected
Dell EMCRSA BSAFE SSL-Junspecified < 6.2.4affected

Weaknesses

  • Covert Timing Channel Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References