CVE-2019-3730

RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a “padding oracle attack vulnerability”. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.

Published: Oct 1, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-3730
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-209

OWASP TOP 10:

A6 - Security Misconfiguration

Affected Software
References

Software	From	Fixed in
dell / bsafe_micro-edition-suite	4.1.0	4.1.6.3
dell / bsafe_micro-edition-suite	4.2.0	4.4.0

https://www.dell.com/support/kbdoc/000194054

Vulnerability Database

289,599

CVE-2019-3730