Session fixation vulnerability in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote attackers to hijack web sessions via a crafted session cookie.Referenceshttp://www.securityfocus.com/bid/55618http://rhn.redhat.com/errata/RHSA-2012-1278.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1281.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/78776http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=832151http://secunia.com/advisories/50660
