Medium severity5.9NVD Advisory· Published Sep 11, 2018· Updated Jun 17, 2026
CVE-2018-11070
CVE-2018-11070
Description
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.
Affected products
4- Range: <6.2.4
- Range: <6.2.4
- Range: unspecified
- Range: unspecified
Patches
Vulnerability mechanics
References
3- www.securitytracker.com/id/1041614nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1041615nvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2018/Sep/7nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.