Описание
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise MRG 1 | cumin | Will not fix | ||
| MRG for RHEL-5 v. 2 | condor | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | condor-wallaby | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | condor-wallaby-base-db | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | cumin | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | sesame | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | wallaby | Fixed | RHSA-2012:1278 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor | Fixed | RHSA-2012:1281 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor-wallaby | Fixed | RHSA-2012:1281 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor-wallaby-base-db | Fixed | RHSA-2012:1281 | 19.09.2012 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
EPSS
4.3 Medium
CVSS2