RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in the 4.0.x series) and versions prior to 4.1.6.2 (in the 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial of Service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products: 24
References: 16
dell / bsafe
| - |
| oracle | communications_analytics | - | - |
| oracle | communications_ip_service_activator | - | - |
| oracle | communications_ip_service_activator | - | - |
| oracle | core_rdbms | - | - |
| oracle | core_rdbms | - | - |
| oracle | core_rdbms | - | - |
| oracle | core_rdbms | - | - |
| oracle | core_rdbms | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | enterprise_manager_ops_center | - | - |
| oracle | goldengate_application_adapters | - | - |
| oracle | jd_edwards_enterpriseone_tools | - | - |
| oracle | real_user_experience_insight | - | - |
| oracle | real_user_experience_insight | - | - |
| oracle | real_user_experience_insight | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | retail_predictive_application_server | - | - |
| oracle | security_service | - | - |
| oracle | security_service | - | - |
| oracle | security_service | - | - |
| oracle | timesten_in-memory_database | 18.1.4.1.0 | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H