[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ESA-2017-031: RSA BSAFE® Cert-C Improper Certificate Processing Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

ESA-2017-031: RSA BSAFE® Cert-C Improper Certificate Processing Vulnerability

EMC Identifier: ESA-2017-031

CVE Identifier: CVE-2017-4981

 

Severity Rating: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)

 

Affected Products: 

RSA BSAFE Cert-C all versions prior to 2.9.0.5  (RSA BSAFE Cert C is End of 
Primary Support and End of Extended Support per prior notification)

Summary:  

RSA BSAFE Cert-C contains updates designed to address a potential improper 
certificate processing vulnerability.

 

Details:  

RSA BSAFE Cert-C is affected by a potential improper certificate processing 
vulnerability. The vulnerability is caused by a faulty certificate processing 
logic that may potentially cause a crash in RSA BSAFE Cert-C. 

 

Recommendation: 

The following RSA BSAFE Cert-C release contains a resolution to this 
vulnerability:
?RSA BSAFE Cert-C version 2.9.0.5

 

RSA recommends all customers upgrade at the earliest opportunity. 

 

RSA also reminds customers that RSA BSAFE Cert-C is now End of Primary Support 
and End of Extended Support per prior notification and customers are strongly 
advised to migrate to other solutions at the earliest opportunity.

 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJZP+7qAAoJEHbcu+fsE81ZK6MH/1TZIMEEzWwdOIgt+yKLMBFO
uzLF/0GmkuWnu1bEvdA4dXvOFovuUQRRb33dE8DRHFknnybqQbH0jw3Tv9kPcE1x
+YNUt30zPd8RAn5IyuCC9Zi8fVObpfyhJAmPsOrzqrjeJjZ14Ud372+z3qjZE8yw
DrnPnde+uVhJzHtuBeWwxdhOUoT6giQNEVETWybU3jolLSumJ8pIvPhXf5B9j7CI
5yIVubr4QRLTNhIWunlmZ5rY9+dz5fIKYlaSZ8ow6CHEzeLOj0GUYIFB7CQuz7Dn
3PAONK5r6ramzRYvmnPV0RAZCkzzu3sHWROgIRR3qbyLgLxsQJZofLUaRQ8eX48=
=uy7+
-----END PGP SIGNATURE-----