{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T10:16:39.537","vulnerabilities":[{"cve":{"id":"CVE-2018-1232","sourceIdentifier":"security_alert@emc.com","published":"2018-03-30T21:29:01.700","lastModified":"2024-11-21T03:59:25.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation."},{"lang":"es","value":"RSA Authentication Agent en versiones 8.0.1 y anteriores para Web para IIS y Apache Web Server se ve afectado por un desbordamiento de búfer basado en pila que puede ocurrir cuando se manipulan determinadas cookies web maliciosas que tienen formatos no válidos. El atacante podría explotar esta vulnerabilidad para cerrar de manera inesperada el agente de autenticación y provocar una situación de denegación de servicio (DoS)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rsa:authentication_agent_for_web:*:*:*:*:*:apache_web_server:*:*","versionEndIncluding":"8.0.1","matchCriteriaId":"64395674-3183-4B8B-8881-802DEB973FDE"},{"vulnerable":true,"criteria":"cpe:2.3:a:rsa:authentication_agent_for_web:*:*:*:*:*:iis:*:*","versionEndIncluding":"8.0.1","matchCriteriaId":"C4DED5D1-72F4-4219-BF7B-78D070C14187"}]}]}],"references":[{"url":"http://seclists.org/fulldisclosure/2018/Mar/60","source":"security_alert@emc.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securitytracker.com/id/1040577","source":"security_alert@emc.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2018/Mar/60","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.securitytracker.com/id/1040577","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}