CVE-2013-4404

Published Dec 23, 2013

Last updated 3 years ago

Overview

Description: cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.5
Impact score: 6.4
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBE39763-E666-4001-BDD3-0B11D4531366"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References