First published: Wed Sep 18 2019(Updated: )
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Credit: security_alert@emc.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dell Bsafe Cert-j | <=6.2.4 | |
Dell BSAFE Crypto-J | <6.2.5 | |
Dell BSAFE SSL-J | <=6.2.4.1 | |
McAfee Threat Intelligence Exchange Server | >=2.0.0<=2.3.1 | |
McAfee Threat Intelligence Exchange Server | =3.0.0 | |
Oracle Application Performance Management | =13.3.0.0 | |
Oracle Application Performance Management | =13.4.0.0 | |
Oracle Communications Network Integrity | =7.3.2 | |
Oracle Communications Network Integrity | =7.3.5 | |
Oracle Communications Network Integrity | =7.3.6 | |
Oracle Communications Unified Inventory Management | =7.3.2 | |
Oracle Communications Unified Inventory Management | =7.3.4 | |
Oracle Communications Unified Inventory Management | =7.3.5 | |
Oracle Communications Unified Inventory Management | =7.4.0 | |
Oracle Communications Unified Inventory Management | =7.4.1 | |
Oracle Database | =12.1.0.2 | |
Oracle Database | =12.2.0.1 | |
Oracle Database | =18c | |
Oracle Database | =19c | |
Oracle GoldenGate | <19.1.0.0.0.210420 | |
Oracle GoldenGate | =19.1.0.0.0.210420 | |
Oracle Retail Assortment Planning | =15.0.3.0 | |
Oracle Retail Assortment Planning | =16.0.3.0 | |
Oracle Retail Integration Bus | =14.1 | |
Oracle Retail Integration Bus | =15.0 | |
Oracle Retail Integration Bus | =16.0 | |
Oracle Retail Predictive Application Server | =14.1.3.0 | |
Oracle Retail Predictive Application Server | =15.0.3.0 | |
Oracle Retail Predictive Application Server | =16.0.3.0 | |
Oracle Retail Service Backbone | =14.1 | |
Oracle Retail Service Backbone | =15.0 | |
Oracle Retail Service Backbone | =16.0 | |
Oracle Retail Store Inventory Management | =14.0.4 | |
Oracle Retail Store Inventory Management | =14.1.3 | |
Oracle Retail Store Inventory Management | =15.0.3 | |
Oracle Retail Store Inventory Management | =16.0.3 | |
Oracle Retail Xstore Point of Service | =15.0.3 | |
Oracle Retail Xstore Point of Service | =16.0.5 | |
Oracle Retail Xstore Point of Service | =17.0.3 | |
Oracle Retail Xstore Point of Service | =18.0.2 | |
Oracle Retail Xstore Point of Service | =19.0.1 | |
Oracle Storagetek Tape Analytics Sw Tool | =2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2019-3738.
CVE-2019-3738 has a severity of 6.5 (medium).
RSA BSAFE Crypto-J versions prior to 6.2.5 are affected by CVE-2019-3738.
A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
You can find more information about CVE-2019-3738 at the following references: [link1], [link2], [link3].