CVE-2016-0887

MEDIUM Year: 2016
CVSS v3 Score
5.9
Medium
CVSS v2 Score
2.6
Low
Weakness Type
CWE-200
View all →

Vulnerability Description

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.

Related Vulnerabilities

CVE-2007-2479

MEDIUM
CVSS:5.9(Medium)

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially sensitive information via long CTCP PING messages that contain UTF-8 characters, which generates a malformed ...

CWE-2002007

CVE-2011-4076

MEDIUM
CVSS:5.9(Medium)

OpenStack Nova before 2012.1 allows someone with access to an EC2_ACCESS_KEY (equivalent to a username) to obtain the EC2_SECRET_KEY (equivalent to a password). Exposing the EC2_ACCESS_KEY via http or...

CWE-2002011

CVE-2013-3587

MEDIUM
CVSS:5.9(Medium)

The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle at...

CWE-2002013

CVE-2013-6681

MEDIUM
CVSS:5.9(Medium)

Tube Map Live Underground for Android before 3.0.22 has an Information Disclosure Vulnerability

CWE-2002013

CVE-2014-2359

MEDIUM
CVSS:5.9(Medium)

OleumTech Wireless Sensor Network devices allow remote attackers to obtain sensitive information about sensor nodes or spoof devices by reading cleartext protocol data.

CWE-2002014

CVE-2014-4024

MEDIUM
CVSS:5.9(Medium)

SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used ...

CWE-2002014