What is the severity of CVE-2012-2684?

CVE-2012-2684 is classified as a medium severity vulnerability due to the potential for arbitrary SQL command execution.

How do I fix CVE-2012-2684?

To fix CVE-2012-2684, upgrade to Cumin version 0.1.5444 or later.

What impact does CVE-2012-2684 have on my system?

CVE-2012-2684 allows remote attackers to execute arbitrary SQL commands, which can lead to data breaches or system compromise.

Which software versions are affected by CVE-2012-2684?

CVE-2012-2684 affects Cumin versions up to 0.1.5444, including several releases such as 0.1.5192-4 and earlier.

Are there any known exploits for CVE-2012-2684?

Yes, CVE-2012-2684 has the potential for exploitation by attackers, but specific exploits have not been publicly documented.

Vulnerability/
CVE-2012-2684

high

7.5

CWE

28/9/2012

15/7/2021

CVE-2012-2684: SQL Injection

First published: Fri Sep 28 2012(Updated: )

Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (1) agent or (2) object id.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Trevor McKay Cumin	<=0.1.5192-4
Trevor McKay Cumin	=0.1.3160-1
Trevor McKay Cumin	=0.1.4369-1
Trevor McKay Cumin	=0.1.4410-2
Trevor McKay Cumin	=0.1.4494-1
Trevor McKay Cumin	=0.1.4794-1
Trevor McKay Cumin	=0.1.4916-1
Trevor McKay Cumin	=0.1.5033-1
Trevor McKay Cumin	=0.1.5037-1
Trevor McKay Cumin	=0.1.5054-1
Trevor McKay Cumin	=0.1.5068-1
Trevor McKay Cumin	=0.1.5092-1
Trevor McKay Cumin	=0.1.5098-2
Trevor McKay Cumin	=0.1.5105-1
Trevor McKay Cumin	=0.1.5137-1
Trevor McKay Cumin	=0.1.5137-2
Trevor McKay Cumin	=0.1.5137-3
Trevor McKay Cumin	=0.1.5137-4
Trevor McKay Cumin	=0.1.5137-5
Trevor McKay Cumin	=0.1.5192-1
Red Hat Enterprise MRG	=2.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-2684?
CVE-2012-2684 is classified as a medium severity vulnerability due to the potential for arbitrary SQL command execution.
How do I fix CVE-2012-2684?
To fix CVE-2012-2684, upgrade to Cumin version 0.1.5444 or later.
What impact does CVE-2012-2684 have on my system?
CVE-2012-2684 allows remote attackers to execute arbitrary SQL commands, which can lead to data breaches or system compromise.
Which software versions are affected by CVE-2012-2684?
CVE-2012-2684 affects Cumin versions up to 0.1.5444, including several releases such as 0.1.5192-4 and earlier.
Are there any known exploits for CVE-2012-2684?
Yes, CVE-2012-2684 has the potential for exploitation by attackers, but specific exploits have not been publicly documented.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/severity
agent/weakness
agent/references
agent/author
agent/description
agent/softwarecombine
agent/tags
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/trevor mckay
canonical/trevor mckay cumin
version/trevor mckay cumin/0.1.5192-4
version/trevor mckay cumin/0.1.3160-1
version/trevor mckay cumin/0.1.4369-1
version/trevor mckay cumin/0.1.4410-2
version/trevor mckay cumin/0.1.4494-1
version/trevor mckay cumin/0.1.4794-1
version/trevor mckay cumin/0.1.4916-1
version/trevor mckay cumin/0.1.5033-1
version/trevor mckay cumin/0.1.5037-1
version/trevor mckay cumin/0.1.5054-1
version/trevor mckay cumin/0.1.5068-1
version/trevor mckay cumin/0.1.5092-1
version/trevor mckay cumin/0.1.5098-2
version/trevor mckay cumin/0.1.5105-1
version/trevor mckay cumin/0.1.5137-1
version/trevor mckay cumin/0.1.5137-2
version/trevor mckay cumin/0.1.5137-3
version/trevor mckay cumin/0.1.5137-4
version/trevor mckay cumin/0.1.5137-5
version/trevor mckay cumin/0.1.5192-1
vendor/redhat
canonical/redhat enterprise mrg
version/redhat enterprise mrg/2.0