Vulnerability in Dell Bsafe_ssl-j

CVE-2014-0626

The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TL…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.019 (76.7th percentile) — read the EPSS interpretation.

Affected products

Dell Bsafe_ssl-j — versions 5.1.2, 6.0
Emc Rsa_bsafe_ssl-j — versions 5.0, 5.1.0, 5.1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

security_alert@emc.com (mailing-list, x_refsource_BUGTRAQ)