Vulnerabilities > Redhat > Enterprise MRG > 2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-12-23 | CVE-2013-4461 | SQL Injection vulnerability in Redhat Enterprise MRG 2.4 SQL injection vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to execute arbitrary SQL commands via vectors related to the "filtering table operator." | 7.5 |
2013-12-23 | CVE-2013-4404 | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise MRG 2.4 cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors. | 6.5 |
2013-10-09 | CVE-2013-4284 | Resource Management Errors vulnerability in Redhat Enterprise MRG 2.4 Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request. | 5.0 |