DSA-2020-286: Dell BSAFE Crypto-C Micro Edition 4.1.5 and Dell BSAFE Micro Edition Suite 4.6 Multiple Security Vulnerabilities

概要: Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite remediations are available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

対象製品

この記事は次に適用されます：この記事は次には適用されません：この記事は、特定の製品に関連付けられていません。すべての製品パージョンがこの記事に記載されているわけではありません。

影響

Critical

詳細

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2020-35169	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.	9.1	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29504	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.	7.4	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29505	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.	7.1	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2020-29506	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.	6.8	AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
CVE-2020-35164	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	6.7	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-21575	Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.	5.9	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-29507	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29508	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-35163	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-35165	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	5.1	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-35166	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	5.1	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-35167	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	4.8	AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2020-35168	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	4.7	AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Proprietary Code CVEs	Description	CVSS Base Score	CVSS Vector String
CVE-2020-35169	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability.	9.1	AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29504	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.	7.4	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29505	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Key Management Error Vulnerability.	7.1	AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2020-29506	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.	6.8	AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
CVE-2020-35164	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	6.7	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-21575	Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability.	5.9	AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-29507	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29508	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Improper Input Validation Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-35163	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain a Use of Insufficiently Random Values Vulnerability.	5.3	AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2020-35165	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	5.1	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-35166	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	5.1	AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-35167	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	4.8	AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2020-35168	Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability.	4.7	AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベーススコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

CVEs addressed	Product	Affected Versions	Updated Versions
CVE-2020-35169 CVE-2020-29504 CVE-2020-29505 CVE-2020-29506 CVE-2021-21575	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.5	4.1.5
	Dell BSAFE Micro Edition Suite	All versions before 4.5.2	4.5.2 4.6
CVE-2020-35164 CVE-2020-29508 CVE-2020-35163 CVE-2020-35165 CVE-2020-35166 CVE-2020-35167 CVE-2020-35168	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.5	4.1.5
	Dell BSAFE Micro Edition Suite	All versions before 4.6	4.6
CVE-2020-29507	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.4	4.1.4
CVE-2020-29507	Dell BSAFE Micro Edition Suite	All versions before 4.4	4.4

CVEs addressed	Product	Affected Versions	Updated Versions
CVE-2020-35169 CVE-2020-29504 CVE-2020-29505 CVE-2020-29506 CVE-2021-21575	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.5	4.1.5
	Dell BSAFE Micro Edition Suite	All versions before 4.5.2	4.5.2 4.6
CVE-2020-35164 CVE-2020-29508 CVE-2020-35163 CVE-2020-35165 CVE-2020-35166 CVE-2020-35167 CVE-2020-35168	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.5	4.1.5
	Dell BSAFE Micro Edition Suite	All versions before 4.6	4.6
CVE-2020-29507	Dell BSAFE Crypto-C Micro Edition	All versions before 4.1.4	4.1.4
CVE-2020-29507	Dell BSAFE Micro Edition Suite	All versions before 4.4	4.4

回避策と緩和策

Workarounds or mitigation may exist based on individual use case and usage of the product. Only customers with active BSAFE maintenance contracts can receive details about the vulnerabilities, including possible workaround or mitigations.

変更履歴

Revision	Date	Description
1.0	2019-09-11	Initial revision.
2.0	2022-07-06	Details provided.

法的免責事項

対象製品

BSAFE Crypto-C Micro Edition, BSAFE Micro Edition Suite, Product Security Information

文書番号: 000181115

文書の種類: Dell Security Advisory

最終更新: 07 5月 2026

お使いのデバイスがサポートサービスの対象かどうかを確認してください。

DSA-2020-286: Dell BSAFE Crypto-C Micro Edition 4.1.5 and Dell BSAFE Micro Edition Suite 4.6 Multiple Security Vulnerabilities

概要: Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite remediations are available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

影響

詳細

影響を受ける製品と修復

回避策と緩和策

変更履歴

関連情報

法的免責事項

対象製品

影響

詳細

影響を受ける製品と修復

回避策と緩和策

変更履歴

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポートサービス

DSA-2020-286: Dell BSAFE Crypto-C Micro Edition 4.1.5 and Dell BSAFE Micro Edition Suite 4.6 Multiple Security Vulnerabilities

概要: Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite remediations are available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ... 表示を増やす 表示を減らす

詳細記事

影響

詳細

影響を受ける製品と修復

回避策と緩和策

変更履歴

関連情報

法的免責事項

対象製品

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

文書のプロパティ

質問に対する他のDellユーザーからの回答を見つける

サポート サービス

概要: Dell BSAFE Crypto-C Micro Edition and Dell BSAFE Micro Edition Suite remediations are available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system. ...

サポートサービス

サポートサービス