CVE-2018-11068

MEDIUM

RSA BSAFE SSL-J <6.2.4 - Info Disclosure

Title source: llm

Description

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material.

References (2)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1041614

[Mailing List, Third Party Advisory] https://seclists.org/fulldisclosure/2018/Sep/7

Scores

CVSS v3 4.6

EPSS 0.0008

EPSS Percentile 23.6%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-459

Status published

Products (1)

dell/bsafe_ssl-j < 6.2.4

Published Sep 11, 2018

Tracked Since Feb 18, 2026