CVE-2014-0636
RSA BSAFE Micro Edition Suite 3.2.x < 3.2.6 and 4.0.x < 4.0.5 - X.509 Certificate Chain Spoofing
Title source: llmDescription
EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.
References (2)
Core 2
Core References
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2014-04/0069.html
Third Party Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/66791
Scores
EPSS
0.0013
EPSS Percentile
32.8%
Details
CWE
CWE-310
Status
published
Products (11)
dell/bsafe_micro-edition-suite
3.2.0
dell/bsafe_micro-edition-suite
3.2.1
dell/bsafe_micro-edition-suite
3.2.2
dell/bsafe_micro-edition-suite
3.2.3
dell/bsafe_micro-edition-suite
3.2.4
dell/bsafe_micro-edition-suite
3.2.5
dell/bsafe_micro-edition-suite
4.0.0
dell/bsafe_micro-edition-suite
4.0.1
dell/bsafe_micro-edition-suite
4.0.2
dell/bsafe_micro-edition-suite
4.0.3
... and 1 more
Published
Apr 11, 2014
Tracked Since
Feb 18, 2026