CVE Vulnerabilities

CVE-2012-2735

Published: Sep 28, 2012 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.9 MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V3
Ubuntu

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.

Affected Software

Name Vendor Start Version End Version
Cumin Trevor_mckay * 0.1.5192-4 (including)
Cumin Trevor_mckay 0.1.3160-1 (including) 0.1.3160-1 (including)
Cumin Trevor_mckay 0.1.4369-1 (including) 0.1.4369-1 (including)
Cumin Trevor_mckay 0.1.4410-2 (including) 0.1.4410-2 (including)
Cumin Trevor_mckay 0.1.4494-1 (including) 0.1.4494-1 (including)
Cumin Trevor_mckay 0.1.4794-1 (including) 0.1.4794-1 (including)
Cumin Trevor_mckay 0.1.4916-1 (including) 0.1.4916-1 (including)
Cumin Trevor_mckay 0.1.5033-1 (including) 0.1.5033-1 (including)
Cumin Trevor_mckay 0.1.5037-1 (including) 0.1.5037-1 (including)
Cumin Trevor_mckay 0.1.5054-1 (including) 0.1.5054-1 (including)
Cumin Trevor_mckay 0.1.5068-1 (including) 0.1.5068-1 (including)
Cumin Trevor_mckay 0.1.5092-1 (including) 0.1.5092-1 (including)
Cumin Trevor_mckay 0.1.5098-2 (including) 0.1.5098-2 (including)
Cumin Trevor_mckay 0.1.5105-1 (including) 0.1.5105-1 (including)
Cumin Trevor_mckay 0.1.5137-1 (including) 0.1.5137-1 (including)
Cumin Trevor_mckay 0.1.5137-2 (including) 0.1.5137-2 (including)
Cumin Trevor_mckay 0.1.5137-3 (including) 0.1.5137-3 (including)
Cumin Trevor_mckay 0.1.5137-4 (including) 0.1.5137-4 (including)
Cumin Trevor_mckay 0.1.5137-5 (including) 0.1.5137-5 (including)
Cumin Trevor_mckay 0.1.5192-1 (including) 0.1.5192-1 (including)
Enterprise_mrg Redhat 2.0 (including) 2.0 (including)
MRG for RHEL-5 v. 2 RedHat condor-0:7.6.5-0.22.el5 *
MRG for RHEL-5 v. 2 RedHat condor-wallaby-0:4.1.3-1.el5 *
MRG for RHEL-5 v. 2 RedHat condor-wallaby-base-db-0:1.23-1.el5 *
MRG for RHEL-5 v. 2 RedHat cumin-0:0.1.5444-3.el5 *
MRG for RHEL-5 v. 2 RedHat sesame-0:1.0-4.el5 *
MRG for RHEL-5 v. 2 RedHat wallaby-0:0.12.5-10.el5 *
Red Hat Enterprise MRG 2 RedHat condor-0:7.6.5-0.22.el6 *
Red Hat Enterprise MRG 2 RedHat condor-wallaby-0:4.1.3-1.el6 *
Red Hat Enterprise MRG 2 RedHat condor-wallaby-base-db-0:1.23-1.el6 *
Red Hat Enterprise MRG 2 RedHat cumin-0:0.1.5444-3.el6 *
Red Hat Enterprise MRG 2 RedHat deltacloud-core-0:0.5.0-10.el6_2 *
Red Hat Enterprise MRG 2 RedHat libdeltacloud-0:0.9-1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-daemons-0:1.1.4-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-eventmachine-0:0.12.10-7.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-fssm-0:0.2.7-1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-haml-0:3.1.2-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-hpricot-0:0.8.4-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-json-0:1.4.6-10.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-maruku-0:0.6.0-4.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-mime-types-0:1.16-4.el6_0 *
Red Hat Enterprise MRG 2 RedHat rubygem-mocha-0:0.9.7-4.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-net-ssh-0:2.0.23-6.el6_0 *
Red Hat Enterprise MRG 2 RedHat rubygem-nokogiri-0:1.5.0-0.8.beta4.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-rack-1:1.3.0-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-rack-accept-0:0.4.3-6.el6_0 *
Red Hat Enterprise MRG 2 RedHat rubygem-rack-test-0:0.6.1-1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-rake-0:0.8.7-2.1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-rest-client-0:1.6.1-2.el6_0 *
Red Hat Enterprise MRG 2 RedHat rubygems-0:1.8.16-1.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-sass-0:3.1.4-4.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-sinatra-1:1.2.6-2.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-syntax-0:1.0.0-4.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-thin-0:1.2.11-3.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-tilt-0:1.3.2-3.el6 *
Red Hat Enterprise MRG 2 RedHat rubygem-yard-0:0.7.2-1.el6 *
Red Hat Enterprise MRG 2 RedHat sesame-0:1.0-6.el6 *
Red Hat Enterprise MRG 2 RedHat wallaby-0:0.12.5-10.el6 *

References