CVE-2014-0636

EMC RSA BSAFE Micro Edition Suite (MES) 3.2.x before 3.2.6 and 4.0.x before 4.0.5 does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate chain.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
dellCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
dellbsafe_micro-edition-suite
3.2.0
dellbsafe_micro-edition-suite
3.2.1
dellbsafe_micro-edition-suite
3.2.2
dellbsafe_micro-edition-suite
3.2.3
dellbsafe_micro-edition-suite
3.2.4
dellbsafe_micro-edition-suite
3.2.5
dellbsafe_micro-edition-suite
4.0.0
dellbsafe_micro-edition-suite
4.0.1
dellbsafe_micro-edition-suite
4.0.2
dellbsafe_micro-edition-suite
4.0.3
dellbsafe_micro-edition-suite
4.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2014-04/0069.html
http://www.securityfocus.com/bid/66791
http://archives.neohapsis.com/archives/bugtraq/2014-04/0069.html
http://www.securityfocus.com/bid/66791