HIGH🇵🇱 Wersja polska

CVE-2016-8212

CVSS 7.5v3.1pub. 2017-02-03upd. 2026-05-13

An issue was discovered in EMC RSA BSAFE Crypto-J versions prior to 6.2.2. There is an Improper OCSP Validation Vulnerability. OCSP responses have two time values: thisUpdate and nextUpdate. These specify a validity period; however, both values are optional. Crypto-J treats the lack of a nextUpdate as indicating that the OCSP response is valid indefinitely instead of restricting its validity for a brief period surrounding the thisUpdate time. This vulnerability is similar to the issue described in CVE-2015-4748.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Dell Bsafe Crypto J

    APP
    Dell
    < 6.2.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-34381CRITICAL9.1PL ✓ten sam produkt

Dell BSAFE SSL-J i Crypto-J — niezaktualizowany komponent zewnętrzny umożliwia zdalne przejęcie systemu

CVE-2025-26333MEDIUM5.9ten sam produkt

Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and a...

CVE-2019-3738MEDIUM6.5ten sam produkt

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerabili...

CVE-2019-3739MEDIUM6.5ten sam produkt

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy v...

CVE-2019-3740MEDIUM6.5ten sam produkt

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepanc...