PT-2013-5027 · Red Hat · Red Hat Enterprise Mrg Grid

Tomáš Nováčik

Published

2013-12-23

Updated

2021-07-15

CVE-2013-4461

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise MRG Grid version 2.4

Description A SQL injection issue exists in the web interface for cumin, allowing remote attackers to execute arbitrary SQL commands. This is related to vectors involving the "filtering table operator."

Recommendations For Red Hat Enterprise MRG Grid version 2.4, update the software to a version that includes a fix for this issue, as no specific workaround is provided.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2013-4461

RHSA-2013:1851

RHSA-2013:1852

Affected Products

Red Hat Enterprise Mrg Grid

PT-2013-5027 · Red Hat · Red Hat Enterprise Mrg Grid

CVE-2013-4461

Weakness Enumeration

Related Identifiers

Affected Products

References · 4