PT-2019-16676 · Rsa · Rsa Bsafe Crypto-C Micro Edition+1
Published
2019-09-30
·
Updated
2022-04-12
·
CVE-2019-3732
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3
RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.3.3
RSA Micro Edition Suite versions prior to 4.0.11
RSA Micro Edition Suite versions prior to 4.1.6.1
RSA Micro Edition Suite versions prior to 4.3.3
Description
The issue is related to an Information Exposure Through Timing Discrepancy, which could allow a malicious remote user to extract information, putting data at risk of exposure.
Recommendations
For RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3, update to version 4.0.5.3 or later.
For RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.3.3, update to version 4.1.3.3 or later.
For RSA Micro Edition Suite versions prior to 4.0.11, update to version 4.0.11 or later.
For RSA Micro Edition Suite versions prior to 4.1.6.1, update to version 4.1.6.1 or later.
For RSA Micro Edition Suite versions prior to 4.3.3, update to version 4.3.3 or later.
Fix
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Rsa Bsafe Crypto-C Micro Edition
Rsa Micro Edition Suite