The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 6.5
Impact Score: 3.6
Exploitability Score: 2.8
cpe:2.3:a:dell:bsafe_ssl-j:*:*:*:*:*:*:*:* versions up to 188.8.131.52 (inclusive)
cpe:2.3:a:dell:bsafe_cert-j:*:*:*:*:*:*:*:* versions up to 6.2.4 (inclusive)