Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2019-3740

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.

  • Published: Sep 19, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-3740
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
dell / bsafe_ssl-j - 6.2.4.1.x
dell / bsafe_crypto-j - 6.2.5
dell / bsafe_cert-j - 6.2.4.x
oracle / retail_service_backbone 14.1 14.1.x
oracle / retail_integration_bus 14.1 14.1.x
oracle / weblogic_server 12.1.3.0.0 12.1.3.0.0.x
oracle / retail_service_backbone 15.0 15.0.x
oracle / retail_integration_bus 15.0 15.0.x
oracle / weblogic_server 10.3.6.0.0 10.3.6.0.0.x
oracle / weblogic_server 12.2.1.3.0 12.2.1.3.0.x
oracle / retail_predictive_application_server 15.0 15.0.x
oracle / retail_integration_bus 16.0 16.0.x
oracle / communications_unified_inventory_management 7.3.2 7.3.2.x
oracle / communications_unified_inventory_management 7.3.4 7.3.4.x
oracle / communications_unified_inventory_management 7.3.5 7.3.5.x
oracle / communications_unified_inventory_management 7.4.0 7.4.0.x
oracle / retail_xstore_point_of_service 17.0.3 17.0.3.x
oracle / weblogic_server 12.2.1.4.0 12.2.1.4.0.x
oracle / application_performance_management 13.3.0.0 13.3.0.0.x
oracle / weblogic_server 14.1.1.0.0 14.1.1.0.0.x
oracle / database 12.1.0.2 12.1.0.2.x
oracle / database 12.2.0.1 12.2.0.1.x
oracle / database 18c 18c.x
oracle / database 19c 19c.x
oracle / retail_assortment_planning 15.0.3.0 15.0.3.0.x
oracle / retail_predictive_application_server 14.1.3.0 14.1.3.0.x
oracle / retail_predictive_application_server 15.0.3.0 15.0.3.0.x
oracle / retail_assortment_planning 16.0.3.0 16.0.3.0.x
oracle / retail_predictive_application_server 16.0.3.0 16.0.3.0.x
oracle / retail_service_backbone 16.0 16.0.x
oracle / communications_network_integrity 7.3.5 7.3.5.x
oracle / communications_network_integrity 7.3.6 7.3.6.x
oracle / communications_unified_inventory_management 7.4.1 7.4.1.x
oracle / storagetek_tape_analytics_sw_tool 2.3 2.3.x
oracle / retail_store_inventory_management 14.0.4 14.0.4.x
oracle / retail_store_inventory_management 14.1.3 14.1.3.x
oracle / retail_store_inventory_management 15.0.3 15.0.3.x
oracle / retail_store_inventory_management 16.0.3 16.0.3.x
oracle / retail_xstore_point_of_service 15.0.3 15.0.3.x
oracle / retail_xstore_point_of_service 16.0.5 16.0.5.x
oracle / retail_xstore_point_of_service 18.0.2 18.0.2.x
oracle / retail_xstore_point_of_service 19.0.1 19.0.1.x
oracle / application_performance_management 13.4.0.0 13.4.0.0.x
oracle / global_lifecycle_management_opatch - 12.2.0.1.22
oracle / goldengate - 19.1.0.0.0.210420
oracle / storagetek_acsls 8.5.1 8.5.1.x
oracle / communications_network_integrity 7.3.2 7.3.2.x