CVE-2012-2684
cumin: SQL injection flaw
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.
Múltiples vulnerabilidades de inyección SQL en la función get_sample_filters_by_signature en Cumin antes de v0.1.5444, tal y como se utiliza en Red Hat Enterprise Messaging, Realtime y Grid (MRG) v2.0 permiten la ejecución remota de SQL arbitrarias a través de (1) el id del agente (2) el id del objeto.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-05-14 CVE Reserved
- 2012-09-20 CVE Published
- 2023-04-16 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=830245 | X_refsource_misc | |
http://secunia.com/advisories/50660 | Third Party Advisory | |
http://www.securityfocus.com/bid/55618 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | <= 0.1.5192-4 Search vendor "Trevor Mckay" for product "Cumin" and version " <= 0.1.5192-4" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.3160-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.3160-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.4369-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4369-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.4410-2 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4410-2" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.4494-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4494-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.4794-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4794-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.4916-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.4916-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5033-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5033-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5037-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5037-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5054-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5054-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5068-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5068-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5092-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5092-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5098-2 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5098-2" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5105-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5105-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5137-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5137-1" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5137-2 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5137-2" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5137-3 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5137-3" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5137-4 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5137-4" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5137-5 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5137-5" | - |
Affected
| ||||||
Trevor Mckay Search vendor "Trevor Mckay" | Cumin Search vendor "Trevor Mckay" for product "Cumin" | 0.1.5192-1 Search vendor "Trevor Mckay" for product "Cumin" and version "0.1.5192-1" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg" | 2.0 Search vendor "Redhat" for product "Enterprise Mrg" and version "2.0" | - |
Affected
|