CVE-2018-11070: CVE-2018-11070

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-11070

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Dell EMC RSA BSAFE Crypto-J和RSA BSAFE SSL-J 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Dell EMC RSA BSAFE是美国戴尔（Dell）公司的一款安全软件产品。该产品支持加密算法、证书链验证和传输层安全性（TLS）加密套件等，以帮助用户实现其应用程序的各种安全目标。RSA BSAFE Crypto-J和RSA BSAFE SSL-J都是其中的加密工具包。 Dell EMC RSA BSAFE Crypto-J 6.2.4之前版本和RSA BSAFE SSL-J 6.2.4之前版本中存在安全漏洞。远程攻击者可利用该漏洞恢复RSA密钥。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Dell EMC	RSA BSAFE Crypto-J	unspecified ~ 6.2.4	-
Dell EMC	RSA BSAFE SSL-J	unspecified ~ 6.2.4	-

II. Public POCs for CVE-2018-11070

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-11070

Please Login to view more intelligence information

http://www.securitytracker.com/id/1041614vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1041615vdb-entryx_refsource_SECTRACK
https://seclists.org/fulldisclosure/2018/Sep/7mailing-listx_refsource_FULLDISC
https://nvd.nist.gov/vuln/detail/CVE-2018-11070

IV. Related Vulnerabilities

Same product: RSA BSAFE Crypto-J

Same vendor: Dell EMC

V. Comments for CVE-2018-11070

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2018-11070

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-11070

III. Intelligence Information for CVE-2018-11070

IV. Related Vulnerabilities

V. Comments for CVE-2018-11070

Leave a comment