Lucene search
RedhatCVE-2012-2735HistorySep 28, 2012 - 5:55 p.m.
CVE-2012-2735
2012-09-2817:55:01
redhat
web.nvd.nist.gov
35
cve
2012
2735
session fixation
cumin
red hat
enterprise messaging
realtime
grid
mrg 2.0
remote hijacking
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
56.5%
Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.
Affected configurations
Node
trevor_mckaycuminRange≤0.1.5192-4
ORtrevor_mckaycuminMatch0.1.3160-1
ORtrevor_mckaycuminMatch0.1.4369-1
ORtrevor_mckaycuminMatch0.1.4410-2
ORtrevor_mckaycuminMatch0.1.4494-1
ORtrevor_mckaycuminMatch0.1.4794-1
ORtrevor_mckaycuminMatch0.1.4916-1
ORtrevor_mckaycuminMatch0.1.5033-1
ORtrevor_mckaycuminMatch0.1.5037-1
ORtrevor_mckaycuminMatch0.1.5054-1
ORtrevor_mckaycuminMatch0.1.5068-1
ORtrevor_mckaycuminMatch0.1.5092-1
ORtrevor_mckaycuminMatch0.1.5098-2
ORtrevor_mckaycuminMatch0.1.5105-1
ORtrevor_mckaycuminMatch0.1.5137-1
ORtrevor_mckaycuminMatch0.1.5137-2
ORtrevor_mckaycuminMatch0.1.5137-3
ORtrevor_mckaycuminMatch0.1.5137-4
ORtrevor_mckaycuminMatch0.1.5137-5
ORtrevor_mckaycuminMatch0.1.5192-1
ORredhatenterprise_mrgMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trevor_mckay | cumin | * | cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.3160-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4369-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4410-2 | cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4494-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4794-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4916-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5033-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5037-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5054-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:* |
Related
veracode
veracode
Session Fixation
2019-05-02 04:43:24
Unauthorised Removal Of Idle Jobs
2019-05-02 04:43:19
Cross-site Scripting (XSS)
2019-05-02 04:43:17
cvelist
cvelist
CVE-2012-2735
2012-09-28 17:00:00
prion
prion
Session fixation
2012-09-28 17:55:00
nvd
nvd
CVE-2012-2735
2012-09-28 17:55:01
redhat
redhat
(RHSA-2012:1281) Moderate: Red Hat Enterprise MRG Grid 2.2 security update
2012-09-19 00:00:00
(RHSA-2012:1278) Moderate: Red Hat Enterprise MRG Grid 2.2 security update
2012-09-19 00:00:00
nessus
nessus
RHEL 5 : MRG (RHSA-2012:1278)
2014-07-22 00:00:00
RHEL 6 : Red Hat Enterprise MRG Grid 2.2 (RHSA-2012:1281)
2014-07-22 00:00:00
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
56.5%
Related for CVE-2012-2735