Information disclosure vulnerabilities in RSA BSAFE SSL-J



Published: 2018-09-08
Risk: Low
Patch available: YES
Number of vulnerabilities: 3
CVE-ID: CVE-2018-11068, CVE-2018-11069, CVE-2018-11070
CWE-ID: CWE-244, CWE-200
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: RSA BSAFE SSL-J (Server applications / Encryption software)
Vendor: Dell

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU14703

Risk: Low

CVSSv3.1: 3.4 [CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11068

CWE-ID: CWE-244 - Improper Clearing of Heap Memory Before Release ('Heap Inspection')

Exploit availability: No

Description

The vulnerability allows a physically local high-privileged attacker to obtain potentially sensitive information.

The vulnerability exists because heap memory is not properly cleared before it is released, allowing such an attacker to recover keys.

Mitigation

Update to version 6.2.4.

Vulnerable software versions

RSA BSAFE SSL-J: 5.0 - 6.2

External links

http://seclists.org/fulldisclosure/2018/Sep/7


Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Covert timing attack

EUVDB-ID: #VU14704

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11069

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a network attacker to obtain potentially sensitive information.

The vulnerability exists due to a covert timing channel. A remote attacker can conduct a Bleichenbacher covert timing attack on the RSA decryption process and obtain the RSA private key.

Mitigation

Update to version 6.2.4.

Vulnerable software versions

RSA BSAFE SSL-J: 5.0 - 6.2

External links

http://seclists.org/fulldisclosure/2018/Sep/7


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Covert timing attack

EUVDB-ID: #VU14705

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11070

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a network attacker to obtain potentially sensitive information.

The vulnerability exists due to a covert timing channel. A remote attacker can conduct a Bleichenbacher covert timing attack on PKCS #1 unpadding operations and obtain the RSA private key.

Mitigation

Update to version 6.2.4.

Vulnerable software versions

RSA BSAFE SSL-J: 5.0 - 6.2

External links

http://seclists.org/fulldisclosure/2018/Sep/7


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


