Enterprise Mrg@2.5 Security Vulnerabilities and Issues — Enterprise Mrg@2.5 CVE List

Lucene search

RedhatEnterprise Mrg2.5

3 matches found

CVE•added 2014/04/30 2:22 p.m.•58 views

CVE-2013-6445

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack.

5CVSS5.9AI score0.00297EPSS

CVE•added 2014/07/19 7:55 p.m.•37 views

CVE-2012-2682

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.

5CVSS6.3AI score0.00408EPSS

CVE•added 2014/07/11 2:55 p.m.•37 views

CVE-2014-0174

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

4.3CVSS6.2AI score0.00236EPSS