Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2019-3738

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

  • Published: Sep 19, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-3738
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
dell / bsafe_ssl-j - 6.2.4.1.x
dell / bsafe_crypto-j - 6.2.5
dell / bsafe_cert-j - 6.2.4.x
mcafee / threat_intelligence_exchange_server 3.0.0 3.0.0.x
mcafee / threat_intelligence_exchange_server 2.0.0 2.3.1.x
oracle / retail_service_backbone 14.1 14.1.x
oracle / retail_integration_bus 14.1 14.1.x
oracle / retail_service_backbone 15.0 15.0.x
oracle / retail_integration_bus 15.0 15.0.x
oracle / retail_integration_bus 16.0 16.0.x
oracle / communications_unified_inventory_management 7.3.2 7.3.2.x
oracle / communications_unified_inventory_management 7.3.4 7.3.4.x
oracle / communications_unified_inventory_management 7.3.5 7.3.5.x
oracle / communications_unified_inventory_management 7.4.0 7.4.0.x
oracle / retail_xstore_point_of_service 17.0.3 17.0.3.x
oracle / application_performance_management 13.3.0.0 13.3.0.0.x
oracle / database 12.1.0.2 12.1.0.2.x
oracle / database 12.2.0.1 12.2.0.1.x
oracle / database 18c 18c.x
oracle / database 19c 19c.x
oracle / retail_assortment_planning 15.0.3.0 15.0.3.0.x
oracle / retail_predictive_application_server 14.1.3.0 14.1.3.0.x
oracle / retail_predictive_application_server 15.0.3.0 15.0.3.0.x
oracle / retail_assortment_planning 16.0.3.0 16.0.3.0.x
oracle / retail_predictive_application_server 16.0.3.0 16.0.3.0.x
oracle / retail_service_backbone 16.0 16.0.x
oracle / communications_network_integrity 7.3.5 7.3.5.x
oracle / communications_network_integrity 7.3.6 7.3.6.x
oracle / communications_unified_inventory_management 7.4.1 7.4.1.x
oracle / storagetek_tape_analytics_sw_tool 2.3 2.3.x
oracle / retail_store_inventory_management 14.0.4 14.0.4.x
oracle / retail_store_inventory_management 14.1.3 14.1.3.x
oracle / retail_store_inventory_management 15.0.3 15.0.3.x
oracle / retail_store_inventory_management 16.0.3 16.0.3.x
oracle / retail_xstore_point_of_service 15.0.3 15.0.3.x
oracle / retail_xstore_point_of_service 16.0.5 16.0.5.x
oracle / retail_xstore_point_of_service 18.0.2 18.0.2.x
oracle / retail_xstore_point_of_service 19.0.1 19.0.1.x
oracle / application_performance_management 13.4.0.0 13.4.0.0.x
oracle / goldengate - 19.1.0.0.0.210420
oracle / goldengate 19.1.0.0.0.210420 19.1.0.0.0.210420.x
oracle / communications_network_integrity 7.3.2 7.3.2.x