CVE-2018-11070

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

RSA BSAFE Crypto-J en versiones anteriores a la 6.2.4 y RSA BSAFE SSL-J en versiones anteriores a la 6.2.4 contienen una vulnerabilidad de canal de tiempo oculto durante las operaciones de "unpadding" PKCS #1. Esto también se conoce como ataque Bleichenbacher. Un atacante remoto podría ser capaz de recuperar una clave RSA.