ID CVE-2012-3359
Summary Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347 for the incorrect enforcement of a user timeout.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:conga:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
CVSS
Base: 3.7 (as of 31-03-2014 - 18:12)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
  • Vector: LOCAL
  • Complexity: HIGH
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:L/AC:H/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 839732
title Conga Add a Service Screen is Missing Option for Restart-Disable Recovery Policy
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhba:tst:20070331001
  • OR
    • AND
      • comment luci is earlier than 0:0.12.2-64.el5
        oval oval:com.redhat.rhsa:tst:20130128002
      • comment luci is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20070331005
    • AND
      • comment ricci is earlier than 0:0.12.2-64.el5
        oval oval:com.redhat.rhsa:tst:20130128004
      • comment ricci is signed with Red Hat redhatrelease key
        oval oval:com.redhat.rhba:tst:20070331003
rhsa
id RHSA-2013:0128
released 2013-01-08
severity Low
title RHSA-2013:0128: conga security, bug fix, and enhancement update (Low)
rpms
  • luci-0:0.12.2-64.el5
  • ricci-0:0.12.2-64.el5
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=607179
vulnerable_product via4
  • cpe:2.3:a:redhat:conga:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
Last major update 31-03-2014 - 18:12
Published 31-03-2014 - 14:58