CVE-2019-3738

Summary

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

Affected Software

VendorProductVersion RangeStatus
DellRSA BSAFE Crypto-Jprior to 6.2.5affected

Weaknesses

  • CWE-325: CWE-325: Missing Required Cryptographic Step

ADP Enrichment

CVE Program Container

Additional References

References