8.1
CVE-2020-35164
- EPSS 0.58%
- Published 11.07.2022 20:15:08
- Last modified 21.11.2024 05:26:52
- Source security_alert@emc.com
- Teams watchlist Login
- Open Login
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
Data is provided by the National Vulnerability Database (NVD)
Dell ≫ Bsafe Crypto-c-micro-edition Version < 4.1.5
Dell ≫ Bsafe Micro-edition-suite Version < 4.6
Oracle ≫ HTTP Server Version12.2.1.3.0
Oracle ≫ HTTP Server Version12.2.1.4.0
Oracle ≫ Security Service Version12.2.1.3.0
Oracle ≫ Security Service Version12.2.1.4.0
Oracle ≫ Weblogic Server Proxy Plug-in Version12.2.1.3.0
Oracle ≫ Weblogic Server Proxy Plug-in Version12.2.1.4.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.58% | 0.678 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
| security_alert@emc.com | 6.7 | 1.4 | 5.2 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-385 Covert Timing Channel
Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.