CVE-2020-29506: 
Oracle Database Server vulnerability analysis and mitigation

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability. This vulnerability was assigned CVE-2020-29506 and was disclosed as part of multiple security vulnerabilities affecting these Dell products (Dell Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 6.8 (Medium) with the vector string AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N. This indicates that the vulnerability is network-accessible, requires high attack complexity, needs no privileges or user interaction, has changed scope, and can impact confidentiality but not integrity or availability (Dell Advisory).

The Observable Timing Discrepancy Vulnerability could potentially lead to unauthorized disclosure of sensitive information through timing analysis. The vulnerability affects the confidentiality of the system but does not impact system integrity or availability (Dell Advisory).

Dell has released updated versions to address this vulnerability. Users should upgrade Dell BSAFE Crypto-C Micro Edition to version 4.1.5 or later, and Dell BSAFE Micro Edition Suite to version 4.5.2 or later. Dell notes that workarounds or mitigations may exist based on individual use cases, but these are only available to customers with active BSAFE maintenance contracts (Dell Advisory).