Description
Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise MRG 1 | cumin | Will not fix | | |
| MRG for RHEL-5 v. 2 | condor | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | condor-wallaby | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | condor-wallaby-base-db | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | cumin | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | sesame | Fixed | RHSA-2012:1278 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | wallaby | Fixed | RHSA-2012:1278 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor | Fixed | RHSA-2012:1281 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor-wallaby | Fixed | RHSA-2012:1281 | 19.09.2012 |
| Red Hat Enterprise MRG 2 | condor-wallaby-base-db | Fixed | RHSA-2012:1281 | 19.09.2012 |
Additional information
Status:
Moderate
Defect:
CWE-384
https://bugzilla.redhat.com/show_bug.cgi?id=832151 cumin: session fixation flaw
EPSS
Percentile: 59%
0.0039
Low
4.3 Medium
CVSS2
Related vulnerabilities
nvd
more than 13 years ago
Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.
github
more than 3 years ago
Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.