Weak Algorithm Placement in EMC RSA BSAFE Micro Edition Suite (MES) Allows for Cryptographic Protection Bypass
CVE-2016-0923 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.
Learn more about our Cis Benchmark Audit For Server Software.