Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WebLogic Observable Discrepancy Vulnerability - CVE-2019-3739 - Vulnerability Database
WebLogic

WebLogic Observable Discrepancy Vulnerability - CVE-2019-3739

Medium
Reference: CVE-2019-3739
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2019-3739
Title: WebLogic Observable Discrepancy Vulnerability
Overview:

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA keys.