5.9
CVE-2016-0887
- EPSS 0.94%
- Veröffentlicht 12.04.2016 23:59:31
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle security_alert@emc.com
- CVE-Watchlists
- Unerledigt
LoginEMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Bsafe Crypto-c-micro-edition Version >= 4.0 <= 4.0.5.3
Dell ≫ Bsafe Crypto-c-micro-edition Version >= 4.1 <= 4.1.2
Dell ≫ Bsafe Crypto-j Version < 6.2.1
Dell ≫ Bsafe Micro-edition-suite Version >= 4.0.0 <= 4.0.11
Dell ≫ Bsafe Micro-edition-suite Version >= 4.1.0 < 4.1.5
Dell ≫ Bsafe Ssl-c Version < 2.8.9
Dell ≫ Bsafe Ssl-j Version < 6.2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.94% | 0.752 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.