vulnerability

Oracle WebLogic: CVE-2019-3740 : Critical Patch Update

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Sep 18, 2019
Added
Apr 20, 2021
Modified
Apr 20, 2021

Description

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys.

Solution(s)

oracle-weblogic-apr-2021-cpu-10_3_6_0_0oracle-weblogic-apr-2021-cpu-12_2_1_3_0oracle-weblogic-apr-2021-cpu-12_2_1_4_0oracle-weblogic-apr-2021-cpu-14_1_1_0_0
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.