RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NDell Bsafe Cert J
APPDell≤ 6.2.4Dell Bsafe Crypto J
APPDell< 6.2.5Dell Bsafe Ssl J
APPDell≤ 6.2.4.1Oracle Application Performance Management
APPOracle13.3.0.013.4.0.0Oracle Communications Network Integrity
APPOracle7.3.27.3.57.3.6Oracle Communications Unified Inventory Management
APPOracle7.3.27.3.47.3.57.4.07.4.1Oracle Database
APPOracle12.1.0.212.2.0.118c19cOracle Global Lifecycle Management Opatch
APPOracle< 12.2.0.1.22Oracle Goldengate
APPOracle< 19.1.0.0.0.210420Oracle Retail Assortment Planning
APPOracle15.0.3.016.0.3.0Oracle Retail Integration Bus
APPOracle14.115.016.0Oracle Retail Predictive Application Server
APPOracle14.1.3.015.015.0.3.016.0.3.0Oracle Retail Service Backbone
APPOracle14.115.016.0Oracle Retail Store Inventory Management
APPOracle14.0.414.1.315.0.316.0.3Oracle Retail Xstore Point Of Service
APPOracle15.0.316.0.517.0.318.0.219.0.1Oracle Storagetek Acsls
APPOracle8.5.1Oracle Storagetek Tape Analytics Sw Tool
APPOracle2.3Oracle Weblogic Server
APPOracle10.3.6.0.012.1.3.0.012.2.1.3.012.2.1.4.014.1.1.0.0
Related vulnerabilities
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionalit...
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported v...