Lucene search
HistorySep 28, 2012 - 5:55 p.m.
CVE-2012-3459
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
60.8%
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.
Affected configurations
Node
trevor_mckaycuminRange≤0.1.5192-4
ORtrevor_mckaycuminMatch0.1.3160-1
ORtrevor_mckaycuminMatch0.1.4369-1
ORtrevor_mckaycuminMatch0.1.4410-2
ORtrevor_mckaycuminMatch0.1.4494-1
ORtrevor_mckaycuminMatch0.1.4794-1
ORtrevor_mckaycuminMatch0.1.4916-1
ORtrevor_mckaycuminMatch0.1.5033-1
ORtrevor_mckaycuminMatch0.1.5037-1
ORtrevor_mckaycuminMatch0.1.5054-1
ORtrevor_mckaycuminMatch0.1.5068-1
ORtrevor_mckaycuminMatch0.1.5092-1
ORtrevor_mckaycuminMatch0.1.5098-2
ORtrevor_mckaycuminMatch0.1.5105-1
ORtrevor_mckaycuminMatch0.1.5137-1
ORtrevor_mckaycuminMatch0.1.5137-2
ORtrevor_mckaycuminMatch0.1.5137-3
ORtrevor_mckaycuminMatch0.1.5137-4
ORtrevor_mckaycuminMatch0.1.5137-5
ORtrevor_mckaycuminMatch0.1.5192-1
ORredhatenterprise_mrgMatch2.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| trevor_mckay | cumin | * | cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.3160-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4369-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4410-2 | cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4494-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4794-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.4916-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5033-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5037-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:* |
| trevor_mckay | cumin | 0.1.5054-1 | cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:* |
Related
prion
prion
Cross site request forgery (csrf)
2012-09-28 17:55:00
cvelist
cvelist
CVE-2012-3459
2012-09-28 17:00:00
cve
cve
CVE-2012-3459
2012-09-28 17:55:01
nessus
nessus
RHEL 5 : MRG (RHSA-2012:1278)
2014-07-22 00:00:00
RHEL 6 : Red Hat Enterprise MRG Grid 2.2 (RHSA-2012:1281)
2014-07-22 00:00:00
veracode
veracode
Unauthorised Removal Of Idle Jobs
2019-05-02 04:43:19
Cross-site Scripting (XSS)
2019-05-02 04:43:17
redhat
redhat
(RHSA-2012:1281) Moderate: Red Hat Enterprise MRG Grid 2.2 security update
2012-09-19 00:00:00
(RHSA-2012:1278) Moderate: Red Hat Enterprise MRG Grid 2.2 security update
2012-09-19 00:00:00
CVSS2
4.9
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.002
Percentile
60.8%
Related for NVD:CVE-2012-3459