cvelist/2019/3xxx/CVE-2019-3730.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secure@dell.com",
        "DATE_PUBLIC": "2019-09-12",
        "ID": "CVE-2019-3730",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "RSA BSAFE MES",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "4.4"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Dell"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a \u201cpadding oracle attack vulnerability\u201d. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."
            }
        ]
    },
    "impact": {
        "cvss": {
            "baseScore": 5.9,
            "baseSeverity": "Medium",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-649: Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://www.dell.com/support/kbdoc/000194054",
                "name": "https://www.dell.com/support/kbdoc/000194054"
            }
        ]
    }
}
- Synchronized data. 2019-01-03 14:05:09 -05:00			`{`
"-Synchronized-Data." 2019-03-18 00:22:17 +00:00			`"CVE_data_meta": {`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"ASSIGNER": "secure@dell.com",`
			`"DATE_PUBLIC": "2019-09-12",`
			`"ID": "CVE-2019-3730",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"product_name": "RSA BSAFE MES",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"version": {`
			`"version_data": [`
			`{`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"version_affected": "<",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"version_value": "4.4"`
			`}`
			`]`
			`}`
			`}`
			`]`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"vendor_name": "Dell"`
			`}`
			`]`
			`}`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2019-03-18 00:22:17 +00:00			`"description": {`
			`"description_data": [`
			`{`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"lang": "eng",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"value": "RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and prior to 4.4 (in 4.2.x and 4.3.x), are vulnerable to an Information Exposure Through an Error Message vulnerability, also known as a \u201cpadding oracle attack vulnerability\u201d. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."`
			`}`
			`]`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"impact": {`
			`"cvss": {`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"baseScore": 5.9,`
			`"baseSeverity": "Medium",`
			`"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"version": "3.0"`
			`}`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`"lang": "eng",`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"value": "CWE-649: Reliance on Obfuscation or Encryption of Security-Relevant Inputs without Integrity Checking"`
			`}`
			`]`
			`}`
			`]`
"-Synchronized-Data." 2019-09-30 22:01:09 +00:00			`},`
Added CVE-2019-3728 through 3733 2019-09-30 16:40:51 -04:00			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2022-02-04 23:01:43 +00:00			`"refsource": "MISC",`
			`"url": "https://www.dell.com/support/kbdoc/000194054",`
			`"name": "https://www.dell.com/support/kbdoc/000194054"`
"-Synchronized-Data." 2019-03-18 00:22:17 +00:00			`}`
			`]`
			`}`
			`}`