RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition ASN.1 Data-Parsing Uncontrolled Resource Consumption Vulnerability



A vulnerability in RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to uncontrolled resource consumption by the affected software when parsing ASN.1 data. An attacker could exploit this vulnerability by sending crafted ASN.1 data to a targeted system. A successful exploit could exhaust memory resources, resulting in a DoS condition.

RSA has confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2018-11056

Source:: Cisco Multivendor Vulnerability Alerts