CVE-2013-4284 — Redhat Enterprise MRG vulnerability

CWE-3996 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.5%

top 32.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Enterprise MRG

Timeline

PublishedOct 9

Latest updateMay 13

Description

Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDredhat/enterprise_mrg2.4

🔴Vulnerability Details

GHSA

GHSA-mh57-cg82-rw87: Cumin, as used in Red Hat Enterprise MRG 2↗2022-05-13

▶

CVEList

CVE-2013-4284: Cumin, as used in Red Hat Enterprise MRG 2↗2013-10-09

▶

📋Vendor Advisories

Red Hat

cumin: Denial of service due to improper handling of certain Ajax requests↗2013-10-01

▶

💬Community

Bugzilla

CVE-2013-4284 cumin: Denial of service due to improper handling of certain Ajax requests [fedora-all]↗2013-10-01

▶

Bugzilla

CVE-2013-4284 cumin: Denial of service due to improper handling of certain Ajax requests↗2013-07-19

▶