CVE-2019-3732 in EMC and Dell Products
Published on September 30, 2019
RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.
Weakness Type
Covert Timing Channel
Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information.
Products Associated with CVE-2019-3732
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3732 are published in these products:
Affected Versions
Dell RSA BSAFE Crypto-C Micro Edition:- Version unspecified and below 4.1.4 is affected.
- Version unspecified and below 4.4 is affected.
Exploit Probability
EPSS
0.31%
Percentile
53.97%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.