First published: Mon Sep 30 2019(Updated: )
RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell Bsafe Crypto-c-micro-edition | >=4.0.0<4.0.5.4 | |
Dell Bsafe Crypto-c-micro-edition | >=4.1.0<4.1.4 | |
Dell Bsafe Micro-edition-suite | >=4.0.0<4.0.13 | |
Dell Bsafe Micro-edition-suite | >=4.1.0<4.4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-3728 is a vulnerability in RSA BSAFE Crypto-C Micro Edition and RSA BSAFE Micro Edition Suite that allows for a buffer over-read when processing DSA signatures.
Dell BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) are affected by CVE-2019-3728.
Dell BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are affected by CVE-2019-3728.
CVE-2019-3728 has a severity rating of 7.5 (high).
To fix CVE-2019-3728, you should update to Dell BSAFE Crypto-C Micro Edition 4.0.5.4 (or later) or 4.1.4 (or later), and Dell BSAFE Micro Edition Suite 4.0.13 (or later) or 4.4 (or later).