National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2016-0924

Change History

- 10/17/2016 11:47:36 PM

Action Type Old Value New Value
Changed Display Vulnerability
true
false
Changed Description
The TLS 1.2 implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 supports MD5 signatures, which makes it easier for man-in-the-middle attackers to impersonate clients via a transcript-collision attack.
** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2004-2761.  Reason: This candidate is subsumed by CVE-2004-2761.  Notes: All CVE users should reference CVE-2004-2761 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.
Removed Reference
http://seclists.org/bugtraq/2016/Sep/25
Removed Reference
https://www.mitls.org/pages/attacks/SLOTH
Removed CWE
CWE-310
Removed CVSS V2
(AV:N/AC:H/Au:N/C:P/I:N/A:N)
Removed CVSS V3
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Removed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:emc:rsa_bsafe:4.1.4:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.1.3:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.1.2:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.1.1:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.1.0:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.0:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.1:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.2:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.3:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.4:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.5:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.6:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.7:*:*:*:micro_edition_suite:*:*:*
          *cpe:2.3:a:emc:rsa_bsafe:4.0.8:*:*:*:micro_edition_suite:*:*:*