PT-2018-2951 · Rsa · Emc Rsa Bsafe Micro Edition Suite+1

Published: 2018-08-28 · Updated: 2022-04-18 · CVE-2018-11058

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

RSA BSAFE Micro Edition Suite versions prior to 4.0.11
RSA BSAFE Micro Edition Suite versions prior to 4.1.6
RSA BSAFE Crypto-C Micro Edition version prior to 4.0.5.3

Description

The issue is caused by a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data to exploit this issue, potentially allowing the execution of arbitrary code in the context of the current user.

Recommendations

For RSA BSAFE Micro Edition Suite versions prior to 4.0.11, update to version 4.0.11 or later.
For RSA BSAFE Micro Edition Suite versions prior to 4.1.6, update to version 4.1.6 or later.
For RSA BSAFE Crypto-C Micro Edition version prior to 4.0.5.3, update to version 4.0.5.3 or later.

Fix

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2019-02722
CVE-2018-11058

Affected Products

Rsa Bsafe Crypto-C Micro Edition
Emc Rsa Bsafe Micro Edition Suite