Weak Algorithm Placement in EMC RSA BSAFE Micro Edition Suite (MES) Allows for Cryptographic Protection Bypass

Weak Algorithm Placement in EMC RSA BSAFE Micro Edition Suite (MES) Allows for Cryptographic Protection Bypass

CVE-2016-0923 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.

Learn more about our Cis Benchmark Audit For Server Software.