CVE-2014-0626CVE-2014-0626

Affected configuration(s):

cpe:/a:emc:rsa_bsafe_ssl-j:5.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.1
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.2
cpe:/a:emc:rsa_bsafe_ssl-j:6.0
cpe:/a:emc:rsa_bsafe_ssl-j:6.0.1

Date published: 2014-02-17T19:55:05.173-05:00

Date last modified: 2014-02-18T14:45:23.737-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html

Summary: The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.