A vulnerability in RSA BSAFE Micro Edition Suite could allow an unauthenticated, remote attacker to access sensitive information on a targeted system.
The vulnerability is due to cryptographic issues in the affected software, which could be leveraged to conduct Bleichenbacher-style covert timing channel attacks. An attacker who can capture traffic between the targeted system and another system or between a user and the targeted system could exploit this vulnerability to access sensitive information, such as RSA keys. A successful exploit could be used to conduct further attacks.
RSA has confirmed the vulnerability and released software updates.
Security Impact Rating: Medium