CVE-2019-3730

CVSS 5.9 MEDIUMEPSS 0.6%CWE-649

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.9EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

30 Sep 2019Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Dell · RSA BSAFE MES

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.dell.com/support/kbdoc/000194054