{"api_version":"1","generated_at":"2026-05-05T11:16:34+00:00","cve":"CVE-2015-0523","urls":{"html":"https://cve.report/CVE-2015-0523","api":"https://cve.report/api/cve/CVE-2015-0523.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2015-0523","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2015-0523"},"summary":{"title":"CVE-2015-0523","description":"EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header.","state":"PUBLIC","assigner":"security_alert@emc.com","published_at":"2015-03-12 10:59:00","updated_at":"2016-08-24 19:26:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"http://seclists.org/bugtraq/2015/Mar/47","name":"20150311 ESA-2015-014: RSA Digital Certificate Solution Multiple Vulnerabilities","refsource":"BUGTRAQ","tags":["Third Party Advisory","VDB Entry"],"title":"Bugtraq: ESA-2015-014: RSA® Digital Certificate Solution Multiple  Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1031912","name":"1031912","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"RSA Digital Certificate Manager Input Validation Flaws Permit Cross-Site Scripting and Denial of Service Attacks - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html","name":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html","refsource":"MISC","tags":["Third Party Advisory","VDB Entry"],"title":"RSA Digital Certificate Solution XSS / Denial Of Service ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2015-0523","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0523","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2015","cve_id":"523","vulnerable":"1","versionEndIncluding":"6.8","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_certificate_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2015","cve_id":"523","vulnerable":"1","versionEndIncluding":"6.8","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"rsa_registration_manager","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security_alert@emc.com","ID":"CVE-2015-0523","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20150311 ESA-2015-014: RSA Digital Certificate Solution Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://seclists.org/bugtraq/2015/Mar/47"},{"name":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html","refsource":"MISC","url":"http://packetstormsecurity.com/files/130769/RSA-Digital-Certificate-Solution-XSS-Denial-Of-Service.html"},{"name":"1031912","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1031912"}]}},"nvd":{"publishedDate":"2015-03-12 10:59:00","lastModifiedDate":"2016-08-24 19:26:00","problem_types":["CWE-20"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":7.8},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:rsa_certificate_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"6.8","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:rsa_registration_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"6.8","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2015","CveId":"523","Ordinal":"76984","Title":"CVE-2015-0523","CVE":"CVE-2015-0523","Year":"2015"},"notes":[{"CveYear":"2015","CveId":"523","Ordinal":"1","NoteData":"EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allow remote attackers to cause an Administration Server denial of service via an invalid MIME e-mail message with a multipart/* Content-Type header.","Type":"Description","Title":null},{"CveYear":"2015","CveId":"523","Ordinal":"2","NoteData":"2015-03-12","Type":"Other","Title":"Published"},{"CveYear":"2015","CveId":"523","Ordinal":"3","NoteData":"2015-03-16","Type":"Other","Title":"Modified"}]}}}