CVE-2012-2735

CVSS v2.0

4.9

Medium

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Cumin versions prior to 0.1.5444 Red Hat Enterprise Messaging, Realtime, and Grid (MRG) version 2.0

Description A session fixation issue allows remote attackers to hijack web sessions via a crafted session cookie.

Recommendations For Cumin versions prior to 0.1.5444, update to version 0.1.5444 or later. For Red Hat Enterprise Messaging, Realtime, and Grid (MRG) version 2.0, consider disabling session cookies or implementing additional security measures to prevent session fixation attacks until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2012-2735

RHSA-2012:1278

RHSA-2012:1281

Affected Products

Cumin

Red Hat Enterprise Messaging

CVE-2012-2735

Related Identifiers

Affected Products

References · 7