Description
Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service (DoS).
Published: 2026-06-04
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Dell BSAFE SSL‑J contains a resource‑exhaustion flaw that allows an attacker to allocate resources without limits or throttling. An unauthenticated remote attacker could trigger the flaw, exhausting system resources such as memory or CPU and causing the SSL‑J service to become unresponsive, effectively denying legitimate users access.

Affected Systems

The affected product is Dell BSAFE SSL‑J. No specific version information was disclosed in the advisory, so all installations of this SSL library are potentially at risk until a patch is applied.

Risk and Exploitability

The vulnerability has a CVSS score of 7.5 and is not listed in the CISA KEV catalog. EPSS data is unavailable, so the likelihood of exploitation is unknown. Based on the description, it is inferred that the attack vector is remote, requiring no authentication. If exploited, the impact is a denial of service affecting the availability of services that rely on the vulnerable SSL component.

Generated by OpenCVE AI on June 4, 2026 at 14:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Dell security update for BSAFE SSL‑J as detailed in the Dell DSA‑2025‑432 advisory.
  • If an update is not immediately available, limit the exposure of the SSL‑J service by restricting network access (e.g., firewall rules) or isolating the affected systems until a patch is installed.
  • Consider implementing application‑level resource limits or monitoring thresholds for CPU and memory usage on systems that host BSAFE SSL‑J to detect and mitigate potential exhaustion attacks.

Advisories

No advisories yet.

History

Thu, 04 Jun 2026 15:15:00 +0000

Type | Values Removed | Values Added
Title | | Resource Exhaustion Leading to DoS in Dell BSAFE SSL-J
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 04 Jun 2026 15:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Dell; Dell bsafe Ssl-j
Vendors & Products | | Dell; Dell bsafe Ssl-j

Thu, 04 Jun 2026 13:30:00 +0000

Type | Values Removed | Values Added
Description | | Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service (DoS).
Weaknesses | | CWE-770
References | |
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: dell

Published:

Updated: 2026-06-04T14:11:46.824Z

Reserved: 2025-04-26T05:03:53.129Z

Link: CVE-2025-46638

Vulnrichment

Updated: 2026-06-04T14:10:25.919Z

NVD

Status: Awaiting Analysis

Published: 2026-06-04T14:16:34.527

Modified: 2026-06-04T15:21:14.080

Link: CVE-2025-46638

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-04T15:00:15Z

Weaknesses
  • CWE-770

    Allocation of Resources Without Limits or Throttling