CVE-2020-29507: 
Oracle Database Server vulnerability analysis and mitigation

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.4, and Dell BSAFE Micro Edition Suite, versions before 4.4, contain an Improper Input Validation Vulnerability. The vulnerability was assigned CVE-2020-29507 and received a CVSS v3.1 base score of 5.3 (Medium) (Dell Advisory).

The vulnerability is characterized as an Improper Input Validation issue (CWE-20). It has a CVSS vector string of AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, indicating that it is network-accessible, requires low attack complexity, needs no privileges or user interaction, and can lead to low confidentiality impact (NVD).

The vulnerability could allow an unauthenticated remote attacker to potentially gain unauthorized access to information through network-based attacks. The impact is primarily limited to confidentiality, with no direct impact on integrity or availability of the system (Dell Advisory).

Dell has released updated versions to address this vulnerability. Users should upgrade Dell BSAFE Crypto-C Micro Edition to version 4.1.4 or later, and Dell BSAFE Micro Edition Suite to version 4.4 or later. Dell notes that workarounds or mitigations may exist based on individual use cases, but these are only available to customers with active BSAFE maintenance contracts (Dell Advisory).