CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1232

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.022

EPSS Ranking 83.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://seclists.org/fulldisclosure/2018/Mar/60
http://www.securitytracker.com/id/1040577
http://seclists.org/fulldisclosure/2018/Mar/60
http://www.securitytracker.com/id/1040577

Products affected by CVE-2018-1232

Rsa » Authentication Agent For Web » Version: 8.0

cpe:2.3:a:rsa:authentication_agent_for_web:8.0
Rsa » Authentication Agent For Web » Version: 8.0.1

cpe:2.3:a:rsa:authentication_agent_for_web:8.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1232

Products

Pricing

Contact Us