CVE Vulnerabilities

CVE-2014-4630

Published: Dec 30, 2014 | Modified: Dec 09, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a servers X.509 certificate is the same during renegotiation as it was before renegotiation, which allows man-in-the-middle attackers to obtain sensitive information or modify TLS session data via a triple handshake attack.

Affected Software

Name Vendor Start Version End Version
Bsafe_micro-edition-suite Dell 4.0.0 4.0.0
Bsafe_micro-edition-suite Dell 4.0.1 4.0.1
Bsafe_micro-edition-suite Dell 4.0.2 4.0.2
Bsafe_micro-edition-suite Dell 4.0.3 4.0.3
Bsafe_micro-edition-suite Dell 4.0.4 4.0.4
Bsafe_micro-edition-suite Dell 4.0.5 4.0.5
Bsafe_ssl-j Dell * 6.1.2

References