CVE-2012-2684SQL Injection in Mckay Cumin

CWE-89SQL Injection6 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.6%
top 30.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trevor Mckay CuminRedhat Enterprise MRG
Timeline
PublishedSep 28
Latest updateMay 13

Description

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDtrevor_mckay/cumin0.1.5192-4+19

🔴Vulnerability Details

2
GHSA
GHSA-364j-8jm7-f886: Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 02022-05-13
CVEList
CVE-2012-2684: Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 02012-09-28

📋Vendor Advisories

1
Red Hat
cumin: SQL injection flaw2012-09-19

💬Community

2
Bugzilla
CVE-2012-2680 CVE-2012-2681 CVE-2012-2683 CVE-2012-2684 CVE-2012-2685 CVE-2012-2734 CVE-2012-2735 CVE-2012-3459 cumin various flaws [fedora-all]2012-09-19
Bugzilla
CVE-2012-2684 cumin: SQL injection flaw2012-06-08
CVE-2012-2684 — SQL Injection in Trevor Mckay Cumin | cvebase