CVE-2011-2925

Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
redhatenterprise_mrg
2.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
condor
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
dne
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
hardy
dne
Common Weakness Enumeration
References
http://osvdb.org/75217
http://secunia.com/advisories/45887
http://secunia.com/advisories/45928
http://www.redhat.com/support/errata/RHSA-2011-1249.html
http://www.redhat.com/support/errata/RHSA-2011-1250.html
http://www.securityfocus.com/bid/49500
http://www.securitytracker.com/id?1026021
https://bugzilla.redhat.com/show_bug.cgi?id=731574
https://exchange.xforce.ibmcloud.com/vulnerabilities/69659
http://osvdb.org/75217
http://secunia.com/advisories/45887
http://secunia.com/advisories/45928
http://www.redhat.com/support/errata/RHSA-2011-1249.html
http://www.redhat.com/support/errata/RHSA-2011-1250.html
http://www.securityfocus.com/bid/49500
http://www.securitytracker.com/id?1026021
https://bugzilla.redhat.com/show_bug.cgi?id=731574
https://exchange.xforce.ibmcloud.com/vulnerabilities/69659