{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) \"web pages,\" (2) \"export functionality,\" and (3) \"image viewing.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=829421"}, {"name": "55618", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55618"}, {"name": "RHSA-2012:1278", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"}, {"name": "cumin-redhat-sec-bypass(78770)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78770"}, {"name": "RHSA-2012:1281", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"}, {"name": "50660", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50660"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2680", "datePublished": "2012-09-28T17:00:00", "dateReserved": "2012-05-14T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB8CE3E6-C78F-4363-B731-A7981046EE5B", "versionEndIncluding": "0.1.5192-4", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:*", "matchCriteriaId": "B33C6617-24FB-4C96-A786-D26B074B0569", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:*", "matchCriteriaId": "D6CF3F68-713E-48E8-8D37-4AE443AF87FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:*", "matchCriteriaId": "8BDF4FB8-5ECF-4A2F-8066-8C362574B55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:*", "matchCriteriaId": "6ADC326A-3CE8-4710-870B-BF540CCB4A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:*", "matchCriteriaId": "FFB4776E-178C-4488-9C98-98859576E343", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:*", "matchCriteriaId": "77B6E427-B880-48EB-8139-2F54381539BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:*", "matchCriteriaId": "9EABF881-94BA-4E76-8EDB-29A4DB7F68B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:*", "matchCriteriaId": "476B4482-38CB-46FB-B05D-CBBCDA87B739", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:*", "matchCriteriaId": "F49E39C4-D9D4-44D0-9F24-2DB3EB1E4457", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5068-1:*:*:*:*:*:*:*", "matchCriteriaId": "75A69413-E0B0-4528-8C42-898866BD3B9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5092-1:*:*:*:*:*:*:*", "matchCriteriaId": "00B69A8C-A652-4CBB-80B1-171630C7420E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5098-2:*:*:*:*:*:*:*", "matchCriteriaId": "11E7AFB1-7864-47D4-AD75-9B9950BE7BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5105-1:*:*:*:*:*:*:*", "matchCriteriaId": "B9C553FD-1ED7-436A-B4A7-309C79CB7793", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-1:*:*:*:*:*:*:*", "matchCriteriaId": "4CBBA885-F992-464D-9DF4-047F824FC02B", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-2:*:*:*:*:*:*:*", "matchCriteriaId": "D313A509-35AE-4EA3-9EDC-20CA98293D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-3:*:*:*:*:*:*:*", "matchCriteriaId": "B84531E0-D82D-43AE-A708-B12C34984B70", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-4:*:*:*:*:*:*:*", "matchCriteriaId": "9106FF80-627C-40E1-80E1-E574EB9A6B8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-5:*:*:*:*:*:*:*", "matchCriteriaId": "F46220E7-B924-49D4-B866-3EA6B52F4D45", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5192-1:*:*:*:*:*:*:*", "matchCriteriaId": "CACA1231-8272-40A9-B7B3-0141E0F1D7A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) \"web pages,\" (2) \"export functionality,\" and (3) \"image viewing.\""}, {"lang": "es", "value": "Cumin, antes de v0.1.5444, tal y como lo utiliza Red Hat Enterprise Messaging, Realtime, y Grid (MRG) v2.0 no restringe adecuadamente el acceso a los recursos, lo que permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados relacionados con (1) las p\u00e1ginas web (2) ls funcionalidad de exportaci\u00f3n\", y (3) la \"visualizaci\u00f3n de im\u00e1genes\"."}], "id": "CVE-2012-2680", "lastModified": "2021-07-15T19:16:09.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-28T17:55:00.727", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=829421"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/50660"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/55618"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78770"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}