Vulnerability Details CVE-2014-0627
The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.7%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-0627
-
cpe:2.3:a:dell:bsafe_ssl-j:5.1.2
-
cpe:2.3:a:dell:bsafe_ssl-j:6.0
-
cpe:2.3:a:emc:rsa_bsafe_ssl-j:5.0
-
cpe:2.3:a:emc:rsa_bsafe_ssl-j:5.1.0
-
cpe:2.3:a:emc:rsa_bsafe_ssl-j:5.1.1
-
cpe:2.3:a:emc:rsa_bsafe_ssl-j:6.0.1