Enterprise Mrg Security Vulnerabilities and Issues — Enterprise Mrg CVE List

Lucene search

RedhatEnterprise Mrg

4 matches found

CVE•added 2013/12/23 10:55 p.m.•52 views

CVE-2013-4405

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests.

6.8CVSS7.3AI score0.00134EPSS

CVE•added 2013/12/23 10:55 p.m.•48 views

CVE-2013-4461

SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator."

7.5CVSS8.5AI score0.0038EPSS

CVE•added 2013/12/23 10:55 p.m.•46 views

CVE-2013-4414

Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the "Max allowance" field in the "Set limit" form.

4.3CVSS5.8AI score0.00296EPSS

CVE•added 2013/12/23 10:55 p.m.•45 views

CVE-2013-4404

cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors.

6.5CVSS5.8AI score0.00216EPSS