CVE-2019-3730

Summary

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Affected Software

VendorProductVersion RangeStatus
DellRSA BSAFE MESunspecified < 4.4affected

Weaknesses

  • CWE-649: CWE-649: Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking

ADP Enrichment

CVE Program Container

Additional References

References