Vulnerability Details CVE-2016-0923
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5 places the weakest algorithms first in a signature-algorithm list transmitted to a server, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging server behavior in which the first algorithm is used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2016-0923
-
cpe:2.3:a:dell:bsafe:4.0.0
-
cpe:2.3:a:dell:bsafe:4.0.1
-
cpe:2.3:a:dell:bsafe:4.0.2
-
cpe:2.3:a:dell:bsafe:4.0.3
-
cpe:2.3:a:dell:bsafe:4.0.4
-
cpe:2.3:a:dell:bsafe:4.0.5
-
cpe:2.3:a:dell:bsafe:4.0.5.3
-
cpe:2.3:a:dell:bsafe:4.0.7
-
cpe:2.3:a:dell:bsafe:4.0.8
-
cpe:2.3:a:dell:bsafe:4.1.0
-
cpe:2.3:a:dell:bsafe:4.1.0.1
-
cpe:2.3:a:dell:bsafe:4.1.1
-
cpe:2.3:a:dell:bsafe:4.1.2
-
cpe:2.3:a:dell:bsafe:4.1.3
-
cpe:2.3:a:dell:bsafe:4.1.4