CVE-2019-3731
HIGHRSA BSAFE Crypto-C Micro Edition < 4.1.4 and RSA Micro Edition Suite < 4.4 - Timing Discrepancy Information Exposure
Title source: llmDescription
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/000194054
Scores
CVSS v3
7.5
EPSS
0.0024
EPSS Percentile
47.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-310
CWE-203
Status
published
Products (2)
dell/bsafe_crypto-c-micro-edition
< 4.1.4
dell/bsafe_micro-edition-suite
4.0.0 - 4.0.13
Published
Sep 30, 2019
Tracked Since
Feb 18, 2026