What is the severity of CVE-2012-3359?

CVE-2012-3359 is rated as a moderate severity vulnerability.

How do I fix CVE-2012-3359?

To fix CVE-2012-3359, update your Red Hat Conga installation to the latest version provided by Red Hat.

What systems are affected by CVE-2012-3359?

CVE-2012-3359 affects Red Hat Conga and Red Hat Enterprise Linux 5 systems.

What type of vulnerability is CVE-2012-3359?

CVE-2012-3359 is a session management vulnerability related to user session timeouts.

What potential risks are associated with CVE-2012-3359?

CVE-2012-3359 could allow unauthorized access to user sessions if the user closes the browser tab without logging out.

Vulnerability/
CVE-2012-3359

low

3.7

CWE

255

23/6/2010

31/3/2014

11/5/2023

CVE-2012-3359

First published: Wed Jun 23 2010(Updated: )

It was reported that Luci's (Luci is a web based front-end component of the Conga cluster management system) user session timeout feature depended only on JavaScript script running in the user's browser. If user closed browser tab without logging out of Luci session and without closing browser, they could re-open Luci web interface and continue using the session even after the timeout period has elapsed. References: <a href="http://sourceware.org/cluster/conga/">http://sourceware.org/cluster/conga/</a> Acknowledgement: Red Hat would like to thank George Hedfors of Cybercom Sweden East AB for reporting this issue.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Red Hat Conga
Red Hat Enterprise Linux	=5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-3359?
CVE-2012-3359 is rated as a moderate severity vulnerability.
How do I fix CVE-2012-3359?
To fix CVE-2012-3359, update your Red Hat Conga installation to the latest version provided by Red Hat.
What systems are affected by CVE-2012-3359?
CVE-2012-3359 affects Red Hat Conga and Red Hat Enterprise Linux 5 systems.
What type of vulnerability is CVE-2012-3359?
CVE-2012-3359 is a session management vulnerability related to user session timeouts.
What potential risks are associated with CVE-2012-3359?
CVE-2012-3359 could allow unauthorized access to user sessions if the user closes the browser tab without logging out.

collector/redhat-bugzilla
alias/CVE-2012-3359
agent/last-modified-date
agent/first-publish-date
agent/type
agent/softwarecombine
agent/weakness
agent/severity
agent/references
agent/author
agent/tags
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/redhat
canonical/red hat conga
canonical/red hat enterprise linux
version/red hat enterprise linux/5

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.