Vulnerability Details CVE-2012-2684
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830245
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html
- http://rhn.redhat.com/errata/RHSA-2012-1278.html
- http://rhn.redhat.com/errata/RHSA-2012-1281.html
- http://secunia.com/advisories/50660
- http://www.securityfocus.com/bid/55618
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830245
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092543.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092562.html
- http://rhn.redhat.com/errata/RHSA-2012-1278.html
- http://rhn.redhat.com/errata/RHSA-2012-1281.html
- http://secunia.com/advisories/50660
- http://www.securityfocus.com/bid/55618
Products affected by CVE-2012-2684
-
cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2
-
cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5068-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5092-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5098-2
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5105-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5137-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5137-2
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5137-3
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5137-4
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5137-5
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5192-1
-
cpe:2.3:a:trevor_mckay:cumin:0.1.5192-4
-
cpe:2.3:o:redhat:enterprise_mrg:2.0