VYPR

RSA BSAFE Crypto-J

by EMC Corporation

CVEs (3)

  • CVE-2016-8212HigFeb 3, 2017
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation Vulnerability. OCSP responses have two time values: thisUpdate and nextUpdate. These specify a validity period; however, both values are optional. Crypto-J treats the…

  • CVE-2015-0534HigAug 20, 2015
    risk 0.49cvss 7.5epss 0.01

    EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote attackers to defeat a…

  • CVE-2016-8217LowFeb 3, 2017
    risk 0.24cvss 3.7epss 0.01

    EMC RSA BSAFE Crypto-J versions prior to 6.2.2 has a PKCS#12 Timing Attack Vulnerability. A possible timing attack could be carried out by modifying a PKCS#12 file that has an integrity MAC for which the password is not known. An attacker could then feed the modified PKCS#12…