Description

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.

Remediation

References

CVE-2019-3740

Related Vulnerabilities

WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)

WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.1.9)

WordPress Plugin Car Demon Multiple Vulnerabilities (1.7.97)

WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)

WordPress Plugin Download Monitor Cross-Site Scripting (1.7.0)

Severity

Medium

Classification

CVE-2019-3740 CWE-203 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities