CVE-2012-2735

Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.

Published: Sep 28, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-2735
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
trevor_mckay / cumin	0.1.5192-1	0.1.5192-1.x
trevor_mckay / cumin	0.1.4916-1	0.1.4916-1.x
trevor_mckay / cumin	0.1.5137-1	0.1.5137-1.x
trevor_mckay / cumin	0.1.5054-1	0.1.5054-1.x
trevor_mckay / cumin	0.1.5137-3	0.1.5137-3.x
trevor_mckay / cumin	0.1.4410-2	0.1.4410-2.x
trevor_mckay / cumin	0.1.4794-1	0.1.4794-1.x
trevor_mckay / cumin	0.1.5098-2	0.1.5098-2.x
trevor_mckay / cumin	0.1.5033-1	0.1.5033-1.x
trevor_mckay / cumin	0.1.4369-1	0.1.4369-1.x
trevor_mckay / cumin	0.1.5037-1	0.1.5037-1.x
trevor_mckay / cumin	0.1.3160-1	0.1.3160-1.x
trevor_mckay / cumin	0.1.5137-4	0.1.5137-4.x
trevor_mckay / cumin	0.1.5092-1	0.1.5092-1.x
trevor_mckay / cumin	0.1.5137-5	0.1.5137-5.x
trevor_mckay / cumin	0.1.5068-1	0.1.5068-1.x
trevor_mckay / cumin	0.1.4494-1	0.1.4494-1.x
trevor_mckay / cumin	-	0.1.5192-4.x
trevor_mckay / cumin	0.1.5105-1	0.1.5105-1.x
trevor_mckay / cumin	0.1.5137-2	0.1.5137-2.x
redhat / enterprise_mrg	2.0	2.0.x

Vulnerability Database

289,599

CVE-2012-2735