CVE-2020-35167 MEDIUM

CVE-2020-35167

Vendor Dell

Product Dell BSAFE Crypto-C Micro Edition

Weakness CWE-200 · Info exposure

Published July 11, 2022

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

4.8/10

Attack vector Physical

Attack complexity High

Privileges required Low

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.

Key dates

02Disclosure timeline

July 11, 2022 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-35167 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

Identifiers

CVE CVE-2020-35167

CWE CWE-200

CVSS 4.8 / MEDIUM

Affected versions