The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 6.5
Impact Score: 3.6
Exploitability Score: 2.8
cpe:2.3:a:dell:bsafe_cert-j:*:*:*:*:*:*:*:* versions up to 6.2.4 (inclusive)
cpe:2.3:a:dell:bsafe_ssl-j:*:*:*:*:*:*:*:* versions up to 22.214.171.124 (inclusive)
cpe:2.3:a:mcafee:threat_intelligence_exchange_server:*:*:*:*:*:*:*:* versions from 2.0.0 to 2.3.1 (inclusive)