Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.
Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Bsafe_crypto-c-micro-edition | Dell | * | 4.1.5 (excluding) |
Bsafe_micro-edition-suite | Dell | * | 4.6 (excluding) |