Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0626


Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0626
Last Modified 18 Feb 2014 02:45:23
Published 17 Feb 2014 07:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 make it easier for remote attackers to bypass intended cryptographic protection mechanisms by triggering application-data processing during the TLS handshake, a time at which the data is both unencrypted and unauthenticated.

Vulnerable Systems


  • Emc Rsa Bsafe Ssl-j 5.0

  • Emc Rsa Bsafe Ssl-j 5.1.0

  • Emc Rsa Bsafe Ssl-j 5.1.1

  • Emc Rsa Bsafe Ssl-j 5.1.2

  • Emc Rsa Bsafe Ssl-j 6.0

  • Emc Rsa Bsafe Ssl-j 6.0.1


BUGTRAQ - 20140214 ESA-2014-009: RSA BSAFE SSL-J Multiple Vulnerabilities

Last Updated: 27 May 2016 11:04:28