CVE-2014-4193

Name of the Vulnerable Software and Affected Versions EMC RSA BSAFE-Java Toolkits (aka Share for Java) (affected versions not specified)

Description The issue concerns the TLS implementation in the affected software, specifically its support for the Extended Random extension when using the Dual EC DRBG algorithm. This makes it easier for remote attackers to obtain plaintext from TLS sessions by requesting long nonces from a server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.