{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "55618", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55618"}, {"name": "RHSA-2012:1278", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"}, {"name": "cumin-redhat-csrf(78775)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78775"}, {"name": "RHSA-2012:1281", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"}, {"name": "50660", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50660"}, {"tags": ["x_refsource_MISC"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=832124"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2734", "datePublished": "2012-09-28T17:00:00", "dateReserved": "2012-05-14T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trevor_mckay:cumin:*:*:*:*:*:*:*:*", "matchCriteriaId": "EB8CE3E6-C78F-4363-B731-A7981046EE5B", "versionEndIncluding": "0.1.5192-4", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.3160-1:*:*:*:*:*:*:*", "matchCriteriaId": "B33C6617-24FB-4C96-A786-D26B074B0569", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4369-1:*:*:*:*:*:*:*", "matchCriteriaId": "D6CF3F68-713E-48E8-8D37-4AE443AF87FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4410-2:*:*:*:*:*:*:*", "matchCriteriaId": "8BDF4FB8-5ECF-4A2F-8066-8C362574B55F", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4494-1:*:*:*:*:*:*:*", "matchCriteriaId": "6ADC326A-3CE8-4710-870B-BF540CCB4A5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4794-1:*:*:*:*:*:*:*", "matchCriteriaId": "FFB4776E-178C-4488-9C98-98859576E343", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.4916-1:*:*:*:*:*:*:*", "matchCriteriaId": "77B6E427-B880-48EB-8139-2F54381539BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5033-1:*:*:*:*:*:*:*", "matchCriteriaId": "9EABF881-94BA-4E76-8EDB-29A4DB7F68B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5037-1:*:*:*:*:*:*:*", "matchCriteriaId": "476B4482-38CB-46FB-B05D-CBBCDA87B739", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5054-1:*:*:*:*:*:*:*", "matchCriteriaId": "F49E39C4-D9D4-44D0-9F24-2DB3EB1E4457", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5068-1:*:*:*:*:*:*:*", "matchCriteriaId": "75A69413-E0B0-4528-8C42-898866BD3B9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5092-1:*:*:*:*:*:*:*", "matchCriteriaId": "00B69A8C-A652-4CBB-80B1-171630C7420E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5098-2:*:*:*:*:*:*:*", "matchCriteriaId": "11E7AFB1-7864-47D4-AD75-9B9950BE7BBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5105-1:*:*:*:*:*:*:*", "matchCriteriaId": "B9C553FD-1ED7-436A-B4A7-309C79CB7793", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-1:*:*:*:*:*:*:*", "matchCriteriaId": "4CBBA885-F992-464D-9DF4-047F824FC02B", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-2:*:*:*:*:*:*:*", "matchCriteriaId": "D313A509-35AE-4EA3-9EDC-20CA98293D99", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-3:*:*:*:*:*:*:*", "matchCriteriaId": "B84531E0-D82D-43AE-A708-B12C34984B70", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-4:*:*:*:*:*:*:*", "matchCriteriaId": "9106FF80-627C-40E1-80E1-E574EB9A6B8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5137-5:*:*:*:*:*:*:*", "matchCriteriaId": "F46220E7-B924-49D4-B866-3EA6B52F4D45", "vulnerable": true}, {"criteria": "cpe:2.3:a:trevor_mckay:cumin:0.1.5192-1:*:*:*:*:*:*:*", "matchCriteriaId": "CACA1231-8272-40A9-B7B3-0141E0F1D7A7", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors."}, {"lang": "es", "value": "Multiples vulnerabilidades de fasificaci\u00f3n de peticiones en sitios cruzados (CSRF) en Cumin antes de v0.1.5444, tal y como se utiliza en Red Hat Enterprise Messaging, Realtime, y Grid 2.0 (MRG) permiten a atacantes remotos secuestrar la autenticaci\u00f3n de usuarios de su elecci\u00f3n para solicitudes que ejecutan comandos a trav\u00e9s de vectores no especificados."}], "id": "CVE-2012-2734", "lastModified": "2023-02-13T04:33:46.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-28T17:55:01.007", "references": [{"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=832124"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/50660"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/55618"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78775"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}