Main Vulnerability Database Vulnerabilities #VU21460

Information Exposure Through an Error Message in RSA BSAFE Micro Edition Suite - CVE-2019-3730

Published: October 1, 2019

Vulnerability identifier: #VU21460

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-3730

CWE-ID: CWE-209

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Dell

Affected software:
RSA BSAFE Micro Edition Suite

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected software generates an error message that includes sensitive information about its environment, users, or associated data. A remote attacker can extract information leaving data at risk of exposure.

This vulnerability affects the following versions:

RSA BSAFE Micro Edition Suite - versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x)

How to mitigate CVE-2019-3730

Install updates from vendor's website.

Sources

https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE®-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab

Information Exposure Through an Error Message in RSA BSAFE Micro Edition Suite - CVE-2019-3730

Detailed vulnerability description

How to mitigate CVE-2019-3730

Sources

Please verify you're human