CVE-2019-3732

Summary

RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Affected Software

VendorProductVersion RangeStatus
DellRSA BSAFE Crypto-C Micro Editionunspecified < 4.1.4affected
DellRSA BSAFE MESunspecified < 4.4affected

Weaknesses

  • CWE-385: CWE-385: Covert Timing Channel

ADP Enrichment

CVE Program Container

Additional References

References