Описание
Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.
Пакеты
Наименование
oxidized-web
rubygems
Затронутые версииВерсия исправления
< 0.15.0
0.15.0
Связанные уязвимости
CVSS3: 9
nvd
11 месяцев назад
In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration page allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web.