CVE-2018-15769

Name of the Vulnerable Software and Affected Versions: RSA BSAFE Micro Edition Suite versions prior to 4.0.11 RSA BSAFE Micro Edition Suite versions prior to 4.1.6.2

Description: The issue is related to errors in managing cryptographic keys. It may allow a remote attacker to cause a denial of service. A malicious TLS server could potentially cause this issue on TLS clients during the handshake when a very large prime value is sent to the TLS client, and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.

Recommendations: For RSA BSAFE Micro Edition Suite versions prior to 4.0.11, update to version 4.0.11 or later. For RSA BSAFE Micro Edition Suite versions prior to 4.1.6.2, update to version 4.1.6.2 or later.