Description
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujul2022.html
Scores
CVSS v3
6.8
EPSS
0.0154
EPSS Percentile
81.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
Details
CWE
CWE-385
Status
published
Products (11)
dell/bsafe_crypto-c-micro-edition
< 4.1.5
dell/bsafe_micro-edition-suite
< 4.5.2
oracle/database
12.1.0.2
oracle/database
19c
oracle/database
21c
oracle/http_server
12.2.1.3.0
oracle/http_server
12.2.1.4.0
oracle/security_service
12.2.1.3.0
oracle/security_service
12.2.1.4.0
oracle/weblogic_server_proxy_plug-in
12.2.1.3.0
... and 1 more
Published
Jul 11, 2022
Tracked Since
Feb 18, 2026