EMC » Rsa Bsafe Ssl-j : Security Vulnerabilities, CVEs,
The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.
Max CVSS
5.0
EPSS Score
0.21%
Published
2014-02-18
Updated
2021-12-09
The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated.
Max CVSS
5.0
EPSS Score
0.33%
Published
2014-02-18
Updated
2021-12-09
The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.
Max CVSS
5.0
EPSS Score
0.33%
Published
2014-02-18
Updated
2021-12-09
3 vulnerabilities found