vulnerability
Oracle WebLogic: CVE-2019-3740 : Critical Patch Update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Sep 18, 2019 | Apr 20, 2021 | Apr 20, 2021 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Sep 18, 2019
Added
Apr 20, 2021
Modified
Apr 20, 2021
Description
RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.
Solution(s)
oracle-weblogic-apr-2021-cpu-10_3_6_0_0oracle-weblogic-apr-2021-cpu-12_2_1_3_0oracle-weblogic-apr-2021-cpu-12_2_1_4_0oracle-weblogic-apr-2021-cpu-14_1_1_0_0

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.