{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-09T00:00:00", "descriptions": [{"lang": "en", "value": "Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-07-19T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2014:0858", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"}, {"name": "RHSA-2014:0859", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:42:31.640Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2014:0858", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"}, {"name": "RHSA-2014:0859", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2682", "datePublished": "2014-07-19T19:00:00", "dateReserved": "2012-05-14T00:00:00", "dateUpdated": "2024-08-06T19:42:31.640Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8082D9CA-E5CC-4B92-9F45-E257F246069F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link."}, {"lang": "es", "value": "Cumin (tambi\u00e9n conocido como MRG Management Console), utilizado en Red Hat Enterprise MRG 2.5, permite a atacantes con ciertos privilegios en la base de datos causar una denegaci\u00f3n de servicio (p\u00e1gina inaccesible) a trav\u00e9s de un caracter no ASCII en el nombre de un enlace."}], "id": "CVE-2012-2682", "lastModified": "2024-11-21T01:39:26.293", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-19T19:55:05.730", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Stanislav Graf (Red Hat).", "affected_release": [{"advisory": "RHSA-2014:0859", "cpe": "cpe:/a:redhat:enterprise_mrg:2::el5", "package": "cumin-0:0.1.5796-4.el5_9", "product_name": "MRG for RHEL-5 v. 2", "release_date": "2014-07-09T00:00:00Z"}, {"advisory": "RHSA-2014:0858", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "cumin-0:0.1.5797-3.el6", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2014-07-09T00:00:00Z"}], "bugzilla": {"description": "cumin: DoS via displayed link names containing non-ASCII characters", "id": "830254", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"}, "csaw": false, "cvss": {"cvss_base_score": "5.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.", "It was found that if Cumin were asked to display a link name containing non-ASCII characters, the request would terminate with an error. If data containing non-ASCII characters were added to the database (such as via Cumin or Wallaby), requests to load said data would terminate and the requested page would not be displayed until an administrator cleans the database."], "name": "CVE-2012-2682", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_mrg:1", "fix_state": "Will not fix", "package_name": "cumin", "product_name": "Red Hat Enterprise MRG 1"}], "public_date": "2014-07-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-2682\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-2682"], "threat_severity": "Moderate"}