CVE-2012-2734

cumin < 0.1.5444 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/55618
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1278.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78775
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1281.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50660

Scores

EPSS 0.0092
EPSS Percentile 56.0%

Details

CWE
CWE-352
Status published
Products (21)
redhat/enterprise_mrg 2.0
trevor_mckay/cumin 0.1.3160-1
trevor_mckay/cumin 0.1.4369-1
trevor_mckay/cumin 0.1.4410-2
trevor_mckay/cumin 0.1.4494-1
trevor_mckay/cumin 0.1.4794-1
trevor_mckay/cumin 0.1.4916-1
trevor_mckay/cumin 0.1.5033-1
trevor_mckay/cumin 0.1.5037-1
trevor_mckay/cumin 0.1.5054-1
... and 11 more
Published Sep 28, 2012
Tracked Since Feb 18, 2026