MEDIUM🇵🇱 Wersja polska

CVE-2019-3738

CVSS 6.5v3.1pub. 2019-09-18upd. 2024-11-21

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  • Dell Bsafe Cert J

    APP
    Dell
    ≤ 6.2.4
  • Dell Bsafe Crypto J

    APP
    Dell
    < 6.2.5
  • Dell Bsafe Ssl J

    APP
    Dell
    ≤ 6.2.4.1
  • Mcafee Threat Intelligence Exchange Server

    APP
    Mcafee
    3.0.02.0.0 – 2.3.1
  • Oracle Application Performance Management

    APP
    Oracle
    13.3.0.013.4.0.0
  • Oracle Communications Network Integrity

    APP
    Oracle
    7.3.27.3.57.3.6
  • Oracle Communications Unified Inventory Management

    APP
    Oracle
    7.3.27.3.47.3.57.4.07.4.1
  • Oracle Database

    APP
    Oracle
    12.1.0.212.2.0.118c19c
  • Oracle Goldengate

    APP
    Oracle
    19.1.0.0.0.210420< 19.1.0.0.0.210420
  • Oracle Retail Assortment Planning

    APP
    Oracle
    15.0.3.016.0.3.0
  • Oracle Retail Integration Bus

    APP
    Oracle
    14.115.016.0
  • Oracle Retail Predictive Application Server

    APP
    Oracle
    14.1.3.015.0.3.016.0.3.0
  • Oracle Retail Service Backbone

    APP
    Oracle
    14.115.016.0
  • Oracle Retail Store Inventory Management

    APP
    Oracle
    14.0.414.1.315.0.316.0.3
  • Oracle Retail Xstore Point Of Service

    APP
    Oracle
    15.0.316.0.517.0.318.0.219.0.1
  • Oracle Storagetek Tape Analytics Sw Tool

    APP
    Oracle
    2.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-22963CRITICAL9.8⚠ KEVten sam produkt

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionalit...

CVE-2022-22965CRITICAL9.8⚠ KEVten sam produkt

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...

CVE-2020-2555CRITICAL9.8⚠ KEVten sam produkt

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invoc...

CVE-2019-2725CRITICAL9.8⚠ KEVten sam produkt

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services)...

CVE-2015-4852CRITICAL9.8⚠ KEVten sam produkt

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote ...