Lucene search

RedhatCVE-2012-2684

HistorySep 28, 2012 - 5:55 p.m.

CVE-2012-2684

2012-09-2817:55:00

CWE-89

redhat

web.nvd.nist.gov

cve-2012-2684

sql injection

cumin

red hat

mrg 2.0

remote execution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

Low

EPSS

0.004

Percentile

74.5%

JSON

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.

Affected configurations

Nvd

Node

trevor_mckaycuminRange≤0.1.5192-4

trevor_mckaycuminMatch0.1.3160-1

trevor_mckaycuminMatch0.1.4369-1

trevor_mckaycuminMatch0.1.4410-2

trevor_mckaycuminMatch0.1.4494-1

trevor_mckaycuminMatch0.1.4794-1

trevor_mckaycuminMatch0.1.4916-1

trevor_mckaycuminMatch0.1.5033-1

trevor_mckaycuminMatch0.1.5037-1

trevor_mckaycuminMatch0.1.5054-1

trevor_mckaycuminMatch0.1.5068-1

trevor_mckaycuminMatch0.1.5092-1

trevor_mckaycuminMatch0.1.5098-2

trevor_mckaycuminMatch0.1.5105-1

trevor_mckaycuminMatch0.1.5137-1

trevor_mckaycuminMatch0.1.5137-2

trevor_mckaycuminMatch0.1.5137-3

trevor_mckaycuminMatch0.1.5137-4

trevor_mckaycuminMatch0.1.5137-5

trevor_mckaycuminMatch0.1.5192-1

redhatenterprise_mrgMatch2.0

VendorProductVersionCPE
trevor_mckaycumin*cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:*
trevor_mckaycumin0.1.3160-1cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.4369-1cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.4410-2cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:*
trevor_mckaycumin0.1.4494-1cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.4794-1cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.4916-1cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.5033-1cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.5037-1cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:*
trevor_mckaycumin0.1.5054-1cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
trevor_mckay	cumin	*	cpe:2.3:a:trevor_mckay:cumin::::::::
trevor_mckay	cumin	0.1.3160-1	cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:::::::*
trevor_mckay	cumin	0.1.4369-1	cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:::::::*
trevor_mckay	cumin	0.1.4410-2	cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:::::::*
trevor_mckay	cumin	0.1.4494-1	cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:::::::*
trevor_mckay	cumin	0.1.4794-1	cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:::::::*
trevor_mckay	cumin	0.1.4916-1	cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:::::::*
trevor_mckay	cumin	0.1.5033-1	cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:::::::*
trevor_mckay	cumin	0.1.5037-1	cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:::::::*
trevor_mckay	cumin	0.1.5054-1	cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:::::::*