CVE-2012-2681

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, uses predictable random numbers to generate session keys, which makes it easier for remote attackers to guess the session key.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
VendorProductVersion
trevor_mckaycumin
𝑥
≤ 0.1.5192-4
trevor_mckaycumin
0.1.3160-1
trevor_mckaycumin
0.1.4369-1
trevor_mckaycumin
0.1.4410-2
trevor_mckaycumin
0.1.4494-1
trevor_mckaycumin
0.1.4794-1
trevor_mckaycumin
0.1.4916-1
trevor_mckaycumin
0.1.5098-2
trevor_mckaycumin
0.1.5192-1
redhatenterprise_mrg
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558
http://rhn.redhat.com/errata/RHSA-2012-1278.html
http://rhn.redhat.com/errata/RHSA-2012-1281.html
http://secunia.com/advisories/50660
http://www.securityfocus.com/bid/55618
https://exchange.xforce.ibmcloud.com/vulnerabilities/78771
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558
http://rhn.redhat.com/errata/RHSA-2012-1278.html
http://rhn.redhat.com/errata/RHSA-2012-1281.html
http://secunia.com/advisories/50660
http://www.securityfocus.com/bid/55618
https://exchange.xforce.ibmcloud.com/vulnerabilities/78771