{"api_version":"1","generated_at":"2026-04-22T22:48:13+00:00","cve":"CVE-2019-3732","urls":{"html":"https://cve.report/CVE-2019-3732","api":"https://cve.report/api/cve/CVE-2019-3732.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-3732","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-3732"},"summary":{"title":"CVE-2019-3732","description":"RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.","state":"PUBLIC","assigner":"secure@dell.com","published_at":"2019-09-30 22:15:00","updated_at":"2022-04-12 18:40:00"},"problem_types":["CWE-203"],"metrics":[],"references":[{"url":"https://www.dell.com/support/kbdoc/000194054","name":"https://www.dell.com/support/kbdoc/000194054","refsource":"MISC","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"404"},{"url":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","name":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","refsource":"MISC","tags":["Third Party Advisory"],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE®-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","name":"MISC:https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE&#174;-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab","refsource":"MITRE","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-3732","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3732","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_crypto-c-micro-edition","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"dell","cpe5":"bsafe_micro-edition-suite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition_suite","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3732","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_bsafe_crypto-c","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"micro_edition","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@dell.com","DATE_PUBLIC":"2019-09-12","ID":"CVE-2019-3732","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"RSA BSAFE Crypto-C Micro Edition","version":{"version_data":[{"version_affected":"<","version_value":"4.1.4"}]}},{"product_name":"RSA BSAFE MES","version":{"version_data":[{"version_affected":"<","version_value":"4.4"}]}}]},"vendor_name":"Dell"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure."}]},"impact":{"cvss":{"baseScore":5.9,"baseSeverity":"Medium","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-385: Covert Timing Channel"}]}]},"references":{"reference_data":[{"refsource":"MISC","url":"https://www.dell.com/support/kbdoc/000194054","name":"https://www.dell.com/support/kbdoc/000194054"}]}},"nvd":{"publishedDate":"2019-09-30 22:15:00","lastModifiedDate":"2022-04-12 18:40:00","problem_types":["CWE-203"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:rsa_bsafe_crypto-c:*:*:*:*:micro_edition:*:*:*","versionStartIncluding":"4.1","versionEndExcluding":"4.1.3.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_crypto-c-micro-edition:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndExcluding":"4.0.5.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.6.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.3.3","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"3732","Ordinal":"141341","Title":"CVE-2019-3732","CVE":"CVE-2019-3732","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"3732","Ordinal":"1","NoteData":"RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of exposure.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"3732","Ordinal":"2","NoteData":"2019-09-30","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"3732","Ordinal":"3","NoteData":"2022-02-04","Type":"Other","Title":"Modified"}]}}}