// For flags

CVE-2012-2681

cumin: weak session keys

Severity Score

5.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.

Cumin antes de v0.1.5444, tal y como se utiliza en Red Hat Enterprise Messaging, Realtime y Grid (MRG) v2.0, usa numeros aleatorios predecibles para generar claves de sesión, lo que hace más fácil para los atacantes remotos a la hora de adivinar la clave de sesión.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-05-14 CVE Reserved
  • 2012-09-20 CVE Published
  • 2023-06-16 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-310: Cryptographic Issues
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
<= 0.1.5192-4
Search vendor "Trevor Mckay" for product "Cumin" and version " <= 0.1.5192-4"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.3160-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.3160-1"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.4369-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4369-1"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.4410-2
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4410-2"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.4494-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4494-1"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.4794-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4794-1"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.4916-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4916-1"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.5098-2
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5098-2"
-
Affected
Trevor Mckay
Search vendor "Trevor Mckay"
Cumin
Search vendor "Trevor Mckay" for product "Cumin"
0.1.5192-1
Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5192-1"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Mrg
Search vendor "Redhat" for product "Enterprise Mrg"
2.0
Search vendor "Redhat" for product "Enterprise Mrg" and version "2.0"
-
Affected