CVE-2014-4193 in RSA BSAFE-Java Toolkitsinfo

Summary

The TLS implementation in EMC RSA BSAFE-Java Toolkits (aka Share for Java) supports the Extended Random extension during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by requesting long nonces from a server, a different issue than CVE-2007-6755.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

06/17/2014

Disclosure

06/17/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
70076	EMC RSA BSAFE-Java Toolkits Session cryptographic issue	310	Not defined	Not defined	CVE-2014-4193

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!