{"api_version":"1","generated_at":"2026-04-22T22:48:04+00:00","cve":"CVE-2019-3728","urls":{"html":"https://cve.report/CVE-2019-3728","api":"https://cve.report/api/cve/CVE-2019-3728.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-3728","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-3728"},"summary":{"title":"CVE-2019-3728","description":"RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.","state":"PUBLIC","assigner":"secure@dell.com","published_at":"2019-09-30 22:15:00","updated_at":"2022-03-31 18:09:00"},"problem_types":["CWE-125"],"metrics":[],"references":[{"url":"https://www.dell.com/support/kbdoc/000194054","name":"https://www.dell.com/support/kbdoc/000194054","refsource":"MISC","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","name":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","refsource":"MISC","tags":["Third Party Advisory"],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE®-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","name":"MISC:https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","refsource":"MITRE","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-3728","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3728","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_crypto-c-micro-edition","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_micro-edition-suite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3728","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2019-09-12","ID":"CVE-2019-3728","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"RSA BSAFE Crypto-C Micro Edition","version":{"version_data":[{"version_affected":"<","version_value":"4.1.4"}]}},{"product_name":"RSA BSAFE MES","version":{"version_data":[{"version_affected":"<","version_value":"4.4"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system."}]},"impact":{"cvss":{"baseScore":7.5,"baseSeverity":"High","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-125: Out-of-bounds Read"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://www.dell.com/support/kbdoc/000194054","name":"https://www.dell.com/support/kbdoc/000194054"}]}},"nvd":{"publishedDate":"2019-09-30 22:15:00","lastModifiedDate":"2022-03-31 18:09:00","problem_types":["CWE-125"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.5.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.4","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.13","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.4.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"3728","Ordinal":"141337","Title":"CVE-2019-3728","CVE":"CVE-2019-3728","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"3728","Ordinal":"1","NoteData":"RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA BSAFE Micro Edition Suite versions prior to 4.0.13 (in 4.0.x) and prior to 4.4 (in 4.1.x, 4.2.x, 4.3.x) are vulnerable to a Buffer Over-read vulnerability when processing DSA signature. A malicious remote user could potentially exploit this vulnerability to cause a crash in the library of the affected system.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"3728","Ordinal":"2","NoteData":"2019-09-30","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"3728","Ordinal":"3","NoteData":"2022-02-04","Type":"Other","Title":"Modified"}]}}}