Information Exposure Through Timing Discrepancy in RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite

Information Exposure Through Timing Discrepancy in RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite

CVE-2019-3732 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Learn more about our User Device Pen Test.