RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Bsafe_cert-j | Dell | * | 6.2.4 (including) |
Bsafe_crypto-j | Dell | * | 6.2.5 (excluding) |
Bsafe_ssl-j | Dell | * | 6.2.4.1 (including) |