Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for rsa_bsafe_crypto-c by emc

    CVE-2019-3733 (GCVE-0-2019-3733)

    Vulnerability from nvd – Published: 2019-09-30 21:48 – Updated: 2024-09-16 23:20
    VLAI
    Summary
    RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
    CWE
    • CWE-316 - Cleartext Storage of Sensitive Information in Memory
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell RSA BSAFE Crypto-C Micro Edition Affected: unspecified , < 4.1.4 (custom)
    Create a notification for this product.
    Dell RSA BSAFE MES Affected: unspecified , < 4.4 (custom)
    Create a notification for this product.
    Date Public
    2019-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:19:18.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/000194054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RSA BSAFE Crypto-C Micro Edition",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RSA BSAFE MES",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as \u0027Heap Inspection vulnerability\u0027. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-316",
                  "description": "CWE-316: Cleartext Storage of Sensitive Information in Memory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:32:52.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.dell.com/support/kbdoc/000194054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@dell.com",
              "DATE_PUBLIC": "2019-09-12",
              "ID": "CVE-2019-3733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RSA BSAFE Crypto-C Micro Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RSA BSAFE MES",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dell"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as \u0027Heap Inspection vulnerability\u0027. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 4.4,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-316: Cleartext Storage of Sensitive Information in Memory"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dell.com/support/kbdoc/000194054",
                  "refsource": "MISC",
                  "url": "https://www.dell.com/support/kbdoc/000194054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2019-3733",
        "datePublished": "2019-09-30T21:48:40.378Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:20:53.121Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3732 (GCVE-0-2019-3732)

    Vulnerability from nvd – Published: 2019-09-30 21:48 – Updated: 2024-09-16 16:37
    VLAI
    Summary
    RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell RSA BSAFE Crypto-C Micro Edition Affected: unspecified , < 4.1.4 (custom)
    Create a notification for this product.
    Dell RSA BSAFE MES Affected: unspecified , < 4.4 (custom)
    Create a notification for this product.
    Date Public
    2019-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:19:17.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/000194054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RSA BSAFE Crypto-C Micro Edition",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RSA BSAFE MES",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385: Covert Timing Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:32:51.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.dell.com/support/kbdoc/000194054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@dell.com",
              "DATE_PUBLIC": "2019-09-12",
              "ID": "CVE-2019-3732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RSA BSAFE Crypto-C Micro Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RSA BSAFE MES",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dell"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 5.9,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-385: Covert Timing Channel"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dell.com/support/kbdoc/000194054",
                  "refsource": "MISC",
                  "url": "https://www.dell.com/support/kbdoc/000194054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2019-3732",
        "datePublished": "2019-09-30T21:48:40.337Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:37:45.300Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3733 (GCVE-0-2019-3733)

    Vulnerability from cvelistv5 – Published: 2019-09-30 21:48 – Updated: 2024-09-16 23:20
    VLAI
    Summary
    RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
    CWE
    • CWE-316 - Cleartext Storage of Sensitive Information in Memory
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell RSA BSAFE Crypto-C Micro Edition Affected: unspecified , < 4.1.4 (custom)
    Create a notification for this product.
    Dell RSA BSAFE MES Affected: unspecified , < 4.4 (custom)
    Create a notification for this product.
    Date Public
    2019-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:19:18.281Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/000194054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RSA BSAFE Crypto-C Micro Edition",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RSA BSAFE MES",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as \u0027Heap Inspection vulnerability\u0027. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-316",
                  "description": "CWE-316: Cleartext Storage of Sensitive Information in Memory",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:32:52.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.dell.com/support/kbdoc/000194054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@dell.com",
              "DATE_PUBLIC": "2019-09-12",
              "ID": "CVE-2019-3733",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RSA BSAFE Crypto-C Micro Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RSA BSAFE MES",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dell"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as \u0027Heap Inspection vulnerability\u0027. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 4.4,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-316: Cleartext Storage of Sensitive Information in Memory"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dell.com/support/kbdoc/000194054",
                  "refsource": "MISC",
                  "url": "https://www.dell.com/support/kbdoc/000194054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2019-3733",
        "datePublished": "2019-09-30T21:48:40.378Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:20:53.121Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-3732 (GCVE-0-2019-3732)

    Vulnerability from cvelistv5 – Published: 2019-09-30 21:48 – Updated: 2024-09-16 16:37
    VLAI
    Summary
    RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Dell RSA BSAFE Crypto-C Micro Edition Affected: unspecified , < 4.1.4 (custom)
    Create a notification for this product.
    Dell RSA BSAFE MES Affected: unspecified , < 4.4 (custom)
    Create a notification for this product.
    Date Public
    2019-09-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T19:19:17.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.dell.com/support/kbdoc/000194054"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "RSA BSAFE Crypto-C Micro Edition",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.1.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "RSA BSAFE MES",
              "vendor": "Dell",
              "versions": [
                {
                  "lessThan": "4.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-385",
                  "description": "CWE-385: Covert Timing Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-04T22:32:51.000Z",
            "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
            "shortName": "dell"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.dell.com/support/kbdoc/000194054"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@dell.com",
              "DATE_PUBLIC": "2019-09-12",
              "ID": "CVE-2019-3732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "RSA BSAFE Crypto-C Micro Edition",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.1.4"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "RSA BSAFE MES",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "4.4"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Dell"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 5.9,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-385: Covert Timing Channel"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.dell.com/support/kbdoc/000194054",
                  "refsource": "MISC",
                  "url": "https://www.dell.com/support/kbdoc/000194054"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "assignerShortName": "dell",
        "cveId": "CVE-2019-3732",
        "datePublished": "2019-09-30T21:48:40.337Z",
        "dateReserved": "2019-01-03T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:37:45.300Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }