Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-2681

Опубликовано: 19 сент. 2012
Источник: redhat
CVSS2: 5.8
EPSS Низкий

Описание

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise MRG 1cuminWill not fix
MRG for RHEL-5 v. 2condorFixedRHSA-2012:127819.09.2012
MRG for RHEL-5 v. 2condor-wallabyFixedRHSA-2012:127819.09.2012
MRG for RHEL-5 v. 2condor-wallaby-base-dbFixedRHSA-2012:127819.09.2012
MRG for RHEL-5 v. 2cuminFixedRHSA-2012:127819.09.2012
MRG for RHEL-5 v. 2sesameFixedRHSA-2012:127819.09.2012
MRG for RHEL-5 v. 2wallabyFixedRHSA-2012:127819.09.2012
Red Hat Enterprise MRG 2condorFixedRHSA-2012:128119.09.2012
Red Hat Enterprise MRG 2condor-wallabyFixedRHSA-2012:128119.09.2012
Red Hat Enterprise MRG 2condor-wallaby-base-dbFixedRHSA-2012:128119.09.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=827558cumin: weak session keys

EPSS

Процентиль: 70%
0.00651
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2012-2681

nvd
больше 13 лет назад

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

github логотип

GHSA-w3x9-vw38-f9cq

github
больше 3 лет назад

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

EPSS

Процентиль: 70%
0.00651
Низкий

5.8 Medium

CVSS2