Lucene search
K

160 matches found

Cvelist
Cvelist
added 2019/11/21 2:3 p.m.23 views

CVE-2012-3460

cumin: At installation postgresql database user created without password...

9.7AI score0.01306EPSS
Exploits0References2
CVE
CVE
added 2019/11/21 2:3 p.m.49 views

CVE-2012-3460

CVE-2012-3460 affects cumin; the installation process creates a PostgreSQL database user without a password. This root cause enables potential unauthorized access to the database, contributing to a critical risk profile (CVSS v3.1: CRITICAL, 9.8; CVSS v2: HIGH, 7.5). The vulnerability details ava...

9.8CVSS9.4AI score0.01306EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2019/05/02 4:55 a.m.25 views

Cross-site Request Forgery (CSRF)

cumin is vulnerable to cross-site request forgery CSRF. The vulnerability exists through the ability to hijack authentication of cumin users...

6.8CVSS6.2AI score0.00986EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2019/05/02 4:55 a.m.26 views

Cross-site Scripting (XSS)

cumin is vulnerable to cross-site scripting XSS. The vulnerability exists through the Max Allowance field in the Set limit form...

4.3CVSS5.6AI score0.01795EPSS
Exploits0References10Affected Software1
Veracode
Veracode
added 2019/05/02 4:43 a.m.25 views

Session Fixation

Cumin is vulnerable to session fixation. An authenticated remote attacker is able to steal the victim's session after they log into Cumin via a crafted session cookie...

4.9CVSS5.9AI score0.01571EPSS
Exploits0References13Affected Software12
Veracode
Veracode
added 2019/05/02 4:43 a.m.17 views

User Impersanation

cumin is vulnerable to user impersanation. Users able to authentication directories even when they have weak permissions in condorio/condorauthfs.cpp, allowing malicious users to impersonate users by renaming a user's authentication directory...

6.4CVSS6.1AI score0.03184EPSS
Exploits0References24Affected Software12
Veracode
Veracode
added 2019/05/02 4:43 a.m.23 views

Unauthorised Removal Of Idle Jobs

Red Hat Enterprise MRG Messaging, Realtime, and Grid is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. A number of unprotected resources web pages, export functionality,...

7.5CVSS7.1AI score0.03184EPSS
Exploits4References24Affected Software12
Veracode
Veracode
added 2019/05/02 4:43 a.m.18 views

Cross-site Request Forgery (CSRF)

cumin is vulnerable to cross-site request forgery CSRF. an attacker is able to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors...

6.8CVSS6.8AI score0.00917EPSS
Exploits1References24Affected Software12
Veracode
Veracode
added 2019/05/02 4:43 a.m.26 views

Cross-site Scripting (XSS)

Red Hat Enterprise MRG Messaging, Realtime, and Grid is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. A number of unprotected resources web pages, export functionality,...

7.5CVSS7.1AI score0.03184EPSS
Exploits4References26Affected Software12
Veracode
Veracode
added 2019/01/15 9:1 a.m.24 views

Information Leakage

Cumin aka MRG Management Console is vulnerable to information leakage. The vulnerability exists because of the use of weak DES-based hash function to hash password, allowing the attacker to brute-force to get plain text...

5CVSS5.8AI score0.01148EPSS
Exploits0References6Affected Software3
Veracode
Veracode
added 2019/01/15 8:59 a.m.19 views

Denial Of Service (DoS)

cumin is vulnerable to denial of service DoS attacks. The vulnerability exists as Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service CPU and memory consumption via a crafted Ajax update request...

5CVSS5.7AI score0.024EPSS
Exploits0References7Affected Software2
Veracode
Veracode
added 2019/01/15 8:57 a.m.30 views

Information Disclosure

cumin is vulnerable to information disclosure attacks. The vulnerability exists as Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via...

5CVSS5.5AI score0.02339EPSS
Exploits1References20Affected Software10
Veracode
Veracode
added 2019/01/15 8:55 a.m.17 views

Denial Of Service (DoS)

cumin is vulnerable to denial of service DoS attacks. The vulnerability exists as Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service inaccessible page via a non-ASCII character in the name of a li...

5CVSS5.7AI score0.01791EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2019/01/15 8:53 a.m.27 views

Authorization Bypass

cumin is vulnerable to authorization bypass. User roles in the application are not properly enforced, allowing unprivileged user to access restricted resources. This allows a remote authenticated attacker to exploit the vulnerability to obtain confidential information and perform unauthorized...

6.5CVSS5.4AI score0.01885EPSS
Exploits0References6Affected Software2
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.35 views

RHEL 5 : MRG (RHSA-2013:1851)

An updated Grid component package that fixes multiple security issues is now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

7.5CVSS7.9AI score0.03343EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.31 views

RHEL 6 : MRG (RHSA-2014:0440)

Updated Grid component packages that fix two security issues, multiple bugs, and provide several enhancements are now available for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common...

6.4CVSS6.8AI score0.0382EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.38 views

RHEL 6 : MRG (RHSA-2013:1852)

Updated Grid component packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.4 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, whi...

7.5CVSS8AI score0.03343EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.27 views

RHEL 5 : MRG (RHSA-2012:1278)

Updated Grid component packages that fix several security issues, add various enhancements and fix multiple bugs are now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common...

7.5CVSS6.3AI score0.03184EPSS
Exploits4References24
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.23 views

RHEL 5 : MRG (RHSA-2014:0859)

An updated cumin package that fixes two security issues is now available for Red Hat Enterprise MRG 2.5 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

5CVSS5.6AI score0.01791EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.31 views

RHEL 5 : Red Hat Enterprise MRG Grid 2.0 (RHSA-2011:1249)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1249 advisory. - cumin: broker username/password appears in the log file CVE-2011-2925 Note that Nessus has not tested for this issue but has instead relied only on...

4.6CVSS5.5AI score0.00391EPSS
Exploits0References71
Rows per page
Query Builder