CVE-2013-4404

Published: Dec 23, 2013Modified: Apr 29, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform privileged operations via unspecified vectors.

Affected (1)

Products: Redhat: Enterprise Mrg

Redhat

1 product

Enterprise Mrg

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Mrg	Version 2.4

Related CWEs

CWE-264

References (6)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2013-1851.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-1852.html

Source: secalert@redhat.com

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2013-1851.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-1852.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.