Lucene search
K

11 matches found

Veracode
Veracode
added 2019/01/15 9:1 a.m.25 views

Information Leakage

Cumin aka MRG Management Console is vulnerable to information leakage. The vulnerability exists because of the use of weak DES-based hash function to hash password, allowing the attacker to brute-force to get plain text...

5CVSS5.8AI score0.01148EPSS
Exploits0References6Affected Software3
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.23 views

RHEL 6 : MRG (RHSA-2012:0477)

An updated MRG Management Console package that fixes several security issues is now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

4.3CVSS5.2AI score0.02377EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/07/22 12:0 a.m.19 views

RHEL 5 : MRG (RHSA-2012:0476)

An updated MRG Management Console package that fixes several security issues is now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

4.3CVSS5.2AI score0.02377EPSS
Exploits0References4
NVD
NVD
added 2014/07/11 2:55 p.m.36 views

CVE-2014-0174

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

4.3CVSS6AI score0.01585EPSS
Exploits0References2
Prion
Prion
added 2014/07/11 2:55 p.m.14 views

Design/Logic Flaw

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

4.3CVSS6.5AI score0.01585EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/07/11 2:0 p.m.40 views

CVE-2014-0174

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie...

6AI score0.01585EPSS
Exploits0References2
CVE
CVE
added 2014/07/11 2:0 p.m.54 views

CVE-2014-0174

The CVE-2014-0174 issue affects Red Hat Enterprise MRG 2.5 (Cumin) where the session cookie is not marked HttpOnly in Set-Cookie, enabling potential script access to the cookie. Affected environments include Red Hat Enterprise Linux 5/6 running MRG 2.5. Root cause: Cumin did not set the HttpOnly ...

4.3CVSS6.2AI score0.01585EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2014/04/30 2:22 p.m.34 views

CVE-2013-6445

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...

5CVSS5.8AI score0.01148EPSS
Exploits0References3
CVE
CVE
added 2014/04/30 2:0 p.m.85 views

CVE-2013-6445

CVE-2013-6445 affects Red Hat Enterprise MRG 2.5 where the Cumin (MRG Management Console) component uses the DES-based crypt() hash for passwords. Root cause: weak DES-based hashing enables faster brute-force recovery of plaintext passwords if a cumin user database is compromised. Impact: potenti...

5CVSS5.9AI score0.01148EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/04/30 2:0 p.m.49 views

CVE-2013-6445

Cumin aka MRG Management Console, as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack...

5.8AI score0.01148EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2012/04/12 4:26 p.m.20 views

Moderate: Red Hat Security Advisory: Red Hat Enterprise MRG Management Console security update

An updated MRG Management Console package that fixes several security issues is now available for Red Hat Enterprise MRG 2 for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

4.3CVSS5.7AI score0.02377EPSS
Exploits0References3
Rows per page
Query Builder