9.8
CVE-2020-29506
- EPSS 1.33%
- Veröffentlicht 11.07.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 05:24:08
- Quelle security_alert@emc.com
- Teams Watchlist Login
- Unerledigt Login
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dell ≫ Bsafe Crypto-c-micro-edition Version < 4.1.5
Dell ≫ Bsafe Micro-edition-suite Version < 4.5.2
Oracle ≫ HTTP Server Version12.2.1.3.0
Oracle ≫ HTTP Server Version12.2.1.4.0
Oracle ≫ Security Service Version12.2.1.3.0
Oracle ≫ Security Service Version12.2.1.4.0
Oracle ≫ Weblogic Server Proxy Plug-in Version12.2.1.3.0
Oracle ≫ Weblogic Server Proxy Plug-in Version12.2.1.4.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.33% | 0.791 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| security_alert@emc.com | 6.8 | 2.2 | 4 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
|
CWE-385 Covert Timing Channel
Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.