What is CVE-2018-11058?

CVE-2018-11058 is a critical-severity vulnerability in Dell Bsafe, classified under Out-of-bounds Read. CVSS score: 9.8/10. Published 2018-09-14.

How severe is CVE-2018-11058?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Out-of-bounds Read in Dell Bsafe

CVE-2018-11058

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A…

Vulnerability class: Buffer Overflow

EPSS: 0.040 (89.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Dell Bsafe
Dell Bsafe_crypto-c
Oracle Application_testing_suite — versions 13.3.0.1
Oracle Communications_analytics — versions 12.1.1
Oracle Communications_ip_service_activator — versions 7.3.0, 7.4.0
Oracle Core_rdbms — versions 11.2.0.4, 12.1.0.2, 12.2.0.1
Oracle Enterprise_manager_ops_center — versions 12.3.3, 12.4.0
Oracle Goldengate_application_adapters — versions 12.3.2.1.0
Oracle Jd_edwards_enterpriseone_tools — versions 9.2
Oracle Real_user_experience_insight — versions 13.1.2.1, 13.2.3.1, 13.3.1.0

Weakness classification (CWE)

CWE-125 — Out-of-bounds Read

References

security_alert@emc.com (mailing-list, x_refsource_FULLDISC, Mailing List, Third Party Advisory)
security_alert@emc.com (vdb-entry, Broken Link, x_refsource_BID)
security_alert@emc.com (Patch, Third Party Advisory, x_refsource_MISC)
security_alert@emc.com (Patch, Third Party Advisory, x_refsource_MISC)
security_alert@emc.com (Patch, Third Party Advisory, x_refsource_MISC)
security_alert@emc.com (Patch, Third Party Advisory, x_refsource_MISC)
security_alert@emc.com (Patch, Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2018-11058?: CVE-2018-11058 is a critical-severity vulnerability in Dell Bsafe, classified under Out-of-bounds Read. CVSS score: 9.8/10. Published 2018-09-14.
How severe is CVE-2018-11058?: Critical severity. CVSS v3 base score is 9.8 out of 10.