CVE-2020-35167: Infoleak
First published: Mon Jul 11 2022(Updated: )
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Dell Bsafe Crypto-c-micro-edition | <4.1.5 | |
| Dell Bsafe Micro-edition-suite | <4.6 | |
| Oracle Database | =12.1.0.2 | |
| Oracle Database | =19c | |
| Oracle Database | =21c | |
| Oracle HTTP Server | =12.2.1.3.0 | |
| Oracle HTTP Server | =12.2.1.4.0 | |
| Oracle Security Service | =12.2.1.3.0 | |
| Oracle Security Service | =12.2.1.4.0 | |
| Oracle Weblogic Server Proxy Plug-in | =12.2.1.3.0 | |
| Oracle Weblogic Server Proxy Plug-in | =12.2.1.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2020-35167.
What is the severity level of CVE-2020-35167?
The severity level of CVE-2020-35167 is critical (9.8).
Which software versions are affected by CVE-2020-35167?
Dell BSAFE Crypto-C Micro Edition versions before 4.1.5 and Dell BSAFE Micro Edition Suite versions before 4.6 are affected by CVE-2020-35167.
How can I fix CVE-2020-35167?
To fix CVE-2020-35167, update your Dell BSAFE Crypto-C Micro Edition to version 4.1.5 or later and Dell BSAFE Micro Edition Suite to version 4.6 or later.
Where can I find more information about CVE-2020-35167?
More information about CVE-2020-35167 can be found on the Dell support website and the Oracle security alerts page.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/dell
- canonical/dell bsafe crypto-c-micro-edition
- canonical/dell bsafe micro-edition-suite
- vendor/oracle
- canonical/oracle database
- version/oracle database/12.1.0.2
- version/oracle database/19c
- version/oracle database/21c
- canonical/oracle http server
- version/oracle http server/12.2.1.3.0
- version/oracle http server/12.2.1.4.0
- canonical/oracle security service
- version/oracle security service/12.2.1.3.0
- version/oracle security service/12.2.1.4.0
- canonical/oracle weblogic server proxy plug-in
- version/oracle weblogic server proxy plug-in/12.2.1.3.0
- version/oracle weblogic server proxy plug-in/12.2.1.4.0