National Vulnerability Database

Search Results

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:redhat:enterprise_mrg:2.5
There are 4 matching records.
Vuln ID | Summary | CVSS Severity
CVE-2015-2922

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

Published: May 27, 2015; 06:59:06 AM -04:00
V2: 3.3 LOW
CVE-2012-2682

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link.

Published: July 19, 2014; 03:55:05 PM -04:00
V2: 5.0 MEDIUM
CVE-2014-0174

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Published: July 11, 2014; 10:55:03 AM -04:00
V2: 4.3 MEDIUM
CVE-2013-6445

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack.

Published: April 30, 2014; 10:22:05 AM -04:00
V2: 5.0 MEDIUM