CVE-2012-3459

Sažetak

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.

Reference

http://rhn.redhat.com/errata/RHSA-2012-1281.html
http://rhn.redhat.com/errata/RHSA-2012-1278.html
http://www.securityfocus.com/bid/55632
http://secunia.com/advisories/50666
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=846501
http://secunia.com/advisories/50660

CVSS

Base:	4.9
Impact:	4.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

15-07-2021 - 19:16

Objavljeno

28-09-2012 - 17:55