CVE-2015-0523
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header.
EMC RSA Certificate Manager (RCM) anterior a 6.9 build 558 y RSA Registration Manager (RRM) anterior a 6.9 build 558 permiten a atacantes remotos causar una denegación de servicio del servidor de administración a través de un mensaje de email MIME inválido con una cabecera de tipo de contenido multipart/*.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-12-17 CVE Reserved
- 2015-03-11 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html | Third Party Advisory |
|
| http://seclists.org/bugtraq/2015/Mar/47 | Mailing List |
|
| http://www.securitytracker.com/id/1031912 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Emc Search vendor "Emc" | Rsa Certificate Manager Search vendor "Emc" for product "Rsa Certificate Manager" | <= 6.8 Search vendor "Emc" for product "Rsa Certificate Manager" and version " <= 6.8" | - |
Affected
| ||||||
| Emc Search vendor "Emc" | Rsa Registration Manager Search vendor "Emc" for product "Rsa Registration Manager" | <= 6.8 Search vendor "Emc" for product "Rsa Registration Manager" and version " <= 6.8" | - |
Affected
| ||||||