CVE-2018-11057

EPSS 0.62%
Published 31.08.2018 18:29:00
Last modified 21.11.2024 03:42:35
Source security_alert@emc.com
Teams watchlist Login
Open Login

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key.

Affected products Warnungen 0 Metrics 4 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Dell ≫ Bsafe SwEditionmicro_edition_suite Version >= 4.0.0 < 4.0.11

Dell ≫ Bsafe SwEditionmicro_edition_suite Version >= 4.1.0 < 4.1.6.1

Oracle ≫ Application Testing Suite Version13.3.0.1

Oracle ≫ Communications Analytics Version12.1.1

Oracle ≫ Communications Ip Service Activator Version7.3.0

Oracle ≫ Communications Ip Service Activator Version7.4.0

Oracle ≫ Core Rdbms Version11.2.0.4

Oracle ≫ Core Rdbms Version12.1.0.2

Oracle ≫ Core Rdbms Version12.2.0.1

Oracle ≫ Core Rdbms Version18c

Oracle ≫ Core Rdbms Version19c

Oracle ≫ Enterprise Manager Ops Center Version12.3.3

Oracle ≫ Enterprise Manager Ops Center Version12.4.0

Oracle ≫ Goldengate Application Adapters Version12.3.2.1.0

Oracle ≫ Jd Edwards Enterpriseone Tools Version9.2

Oracle ≫ Real User Experience Insight Version13.1.2.1

Oracle ≫ Real User Experience Insight Version13.2.3.1

Oracle ≫ Real User Experience Insight Version13.3.1.0

Oracle ≫ Retail Predictive Application Server Version15.0.3

Oracle ≫ Retail Predictive Application Server Version16.0.3.0

Oracle ≫ Security Service Version11.1.1.9.0

Oracle ≫ Security Service Version12.1.3.0.0

Oracle ≫ Security Service Version12.2.1.3.0

Oracle ≫ Timesten In-memory Database Version < 18.1.4.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.62%	0.69

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
security_alert@emc.com	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N