CVE Vulnerabilities

CVE-2014-0636

Published: Apr 11, 2014 | Modified: Dec 09, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.

Affected Software

Name Vendor Start Version End Version
Bsafe_micro-edition-suite Dell 3.2.0 3.2.0
Bsafe_micro-edition-suite Dell 3.2.1 3.2.1
Bsafe_micro-edition-suite Dell 3.2.2 3.2.2
Bsafe_micro-edition-suite Dell 3.2.3 3.2.3
Bsafe_micro-edition-suite Dell 3.2.4 3.2.4
Bsafe_micro-edition-suite Dell 3.2.5 3.2.5
Bsafe_micro-edition-suite Dell 4.0.0 4.0.0
Bsafe_micro-edition-suite Dell 4.0.1 4.0.1
Bsafe_micro-edition-suite Dell 4.0.2 4.0.2
Bsafe_micro-edition-suite Dell 4.0.3 4.0.3
Bsafe_micro-edition-suite Dell 4.0.4 4.0.4

References