Vulnerabilities > Redhat > Enterprise MRG > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-07-19 | CVE-2012-2682 | Improper Input Validation vulnerability in Redhat Enterprise MRG 2.5 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, allows attackers with certain database privileges to cause a denial of service (inaccessible page) via a non-ASCII character in the name of a link. | 5.0 |
| 2014-07-11 | CVE-2014-0174 | Information Exposure vulnerability in Redhat Enterprise MRG 2.5 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 4.3 |
| 2014-04-30 | CVE-2013-6445 | Cryptographic Issues vulnerability in Redhat Enterprise MRG 2.5 Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via a brute-force attack. | 5.0 |