EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a similar issue to CVE-2015-0204.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NDell Bsafe
APPDell4.0.0 – 4.0.8 (bez)4.1.0 – 4.1.3 (bez)Dell Bsafe Ssl C
APPDell≤ 2.8.9
Powiązane podatności
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAF...
Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x befor...
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1...
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker co...
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the wea...