First published: Mon Oct 07 2013(Updated: )
A flaw was found in the way cumin parsed POST request data. A remote attacker could potentially use this flaw to perform SQL injection attacks on cumin's database.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat enterprise MRG | =2.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-4461 has been classified as a critical vulnerability due to its potential for remote SQL injection attacks.
To fix CVE-2013-4461, it is recommended to upgrade to the patched version of Red Hat Enterprise MRG that addresses the SQL injection flaw.
CVE-2013-4461 allows for remote SQL injection attacks that could compromise the integrity of cumin's database.
CVE-2013-4461 affects Red Hat Enterprise MRG Grid version 2.4.
Yes, CVE-2013-4461 is exploitable by remote attackers without the need for authentication.