rsa bsafe-cert-j CVE-2019-3738 vulnerability in Rsa and Other Products
Published on September 18, 2019

product logo product logo product logo product logo product logo
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.

NVD

Weakness Type

Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.


Products Associated with CVE-2019-3738

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3738 are published in these products:

Rsa Bsafe Cert J
 
Rsa Bsafe Crypto J
 
Rsa Bsafe Ssl J
 
Dell Bsafe Ssl J
 
Dell Bsafe Crypto J
 
McAfee Threat Intelligence Exchange Server
 
Oracle Application Performance Management
 
Oracle Communications Unified Inventory Management
 
Oracle Database Server
 
Oracle Goldengate
 
Oracle Retail Assortment Planning
 
Oracle Retail Integration Bus
 
Oracle Retail Predictive Application Server
 
Oracle Retail Service Backbone
 
Oracle Retail Store Inventory Management
 
Oracle Retail Xstore Point Of Service
 
Oracle Storagetek Tape Analytics Sw Tool
 
Dell Bsafe Cert J
 
Oracle Communications Network Integrity
 

Affected Versions

Dell RSA BSAFE Crypto-J Version prior to 6.2.5 is affected by CVE-2019-3738

Exploit Probability

EPSS
0.97%
Percentile
76.26%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.