7.5

CVE-2016-0923

The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DellBsafe SwEditionmicro_edition_suite Version >= 4.0.0 < 4.0.9
DellBsafe SwEditionmicro_edition_suite Version >= 4.1.0 < 4.1.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.6% 0.727
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

http://seclists.org/bugtraq/2016/Sep/25
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/92994
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036835
Third Party Advisory
VDB Entry