CVE-2014-0627CVE-2014-0627

Affected configuration(s):

cpe:/a:emc:rsa_bsafe_ssl-j:5.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.1
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.2
cpe:/a:emc:rsa_bsafe_ssl-j:6.0
cpe:/a:emc:rsa_bsafe_ssl-j:6.0.1

Date published: 2014-02-17T19:55:05.207-05:00

Date last modified: 2014-02-18T14:46:21.660-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html

Summary: The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.