exploitDog

CVE-2013-7134

Опубликовано: 29 апр. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phusion:juvia:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00519

Низкий

7.5 High

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-83r6-2qgv-m5qp

github

больше 3 лет назад

Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.

EPSS

Процентиль: 66%

0.00519

Низкий

7.5 High

CVSS2

Дефекты

CWE-255