VIR Vulnerability Intelligence Relay

CVE-2016-0887

medium
Published 2016-04-12 ยท Modified 2026-05-06
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
5.9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
5.9

Description

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x and 4.1.x before 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.0.x and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2.1, RSA BSAFE SSL-J before 6.2.1, and RSA BSAFE SSL-C before 2.8.9 allow remote attackers to discover a private-key prime by conducting a Lenstra side-channel attack that leverages an application's failure to detect an RSA signature failure during a TLS session.

Predictions

Exploit likelihood
69%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact
VendorProductVersionsFixed
dell dellbsafe_crypto-c-micro-edition{"startIncluding":"4.0","endIncluding":"4.0.5.3"}
dell dellbsafe_crypto-j{"endExcluding":"6.2.1"}6.2.1
dell dellbsafe_micro-edition-suite{"startIncluding":"4.0.0","endIncluding":"4.0.11"}
dell dellbsafe_ssl-c{"endExcluding":"2.8.9"}2.8.9
dell dellbsafe_ssl-j{"endExcluding":"6.2.1"}6.2.1

References

CWEs

CWE-200

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.