Description
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id. Session ids are usually stored and indexed in a database that uses some kind of scheme for speeding up lookups of that session id. By carefully measuring the amount of time it takes to look up a session, an attacker may be able to find a valid session id and hijack the session. The session id itself may be generated randomly, but the way the session is indexed by the backing store does not use a secure comparison.
A flaw was found in rubygem-rack in versions prior to 1.6.12 and 2.0.8. An information leak may allow an attacker to find and hijack sessions using timing attacks targeting the session ID. The highest threat from the vulnerability is to data confidentiality.
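An added example, not code from the advisory or from Rack itself, sketching the defence the patched versions adopt: the backing store is keyed on a digest of the session id rather than on the id sent in the cookie, so a lookup-timing leak in the store no longer yields a value the application would accept. `PlainSessionStore`, `HashedSessionStore` and `private_id` are names chosen here, and the Ruby Hash stands in for a database index.

```ruby
require 'digest'
require 'securerandom'

# Two minimal session stores standing in for a database index (constructed
# example, not Rack's own code). A Ruby Hash is used only for brevity; what
# matters is which value the index is keyed on.

# Before the fix: the cookie value itself is the index key, so any
# lookup-timing leak in the backing store discloses a usable session id.
class PlainSessionStore
  def initialize
    @data = {}
  end

  def create
    id = SecureRandom.hex(16)      # random, but randomness alone does not help
    @data[id] = { 'created_at' => Time.now.to_i }
    id
  end

  def find(id)
    @data[id]
  end

  # Exposed so the difference between the two stores can be checked.
  def stored_keys
    @data.keys
  end
end

# After the fix (in outline): the index is keyed on a SHA-256 digest of the
# public id. A timing leak can then reveal at most the digest, which cannot
# be turned back into the cookie value the application accepts.
class HashedSessionStore < PlainSessionStore
  # Hypothetical helper name; derives the storage key from the public id.
  def self.private_id(public_id)
    Digest::SHA256.hexdigest(public_id)
  end

  def create
    public_id = SecureRandom.hex(16)
    @data[self.class.private_id(public_id)] = { 'created_at' => Time.now.to_i }
    public_id                       # only the public id ever leaves the server
  end

  def find(public_id)
    @data[self.class.private_id(public_id)]
  end
end
```

Existing sessions keyed on the raw id must be migrated or expired when such a change is rolled out, which is why the advisory offers no mitigation short of updating.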
Statement
Because Red Hat OpenStack Platform 13.0 Operational Tools packaged the flawed code, but does not use its functionality, its Impact has been reduced to 'Low'.
Mitigation
There is no mitigation for this issue; the flaw can only be resolved by applying updates.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat OpenStack Platform 10 (Newton) Operational Tools | rubygem-rack | Out of support scope | | |
| Red Hat OpenStack Platform 13 (Queens) Operational Tools | rubygem-rack | Not affected | | |
| Red Hat Satellite 6 | tfm-ror51-rubygem-rack | Not affected | | |
| Red Hat Satellite 6 | tfm-ror52-rubygem-rack | Affected | | |
| Red Hat Software Collections | rh-ror50-rubygem-rack | Will not fix | | |
| Red Hat Storage 3 | rubygem-rack | Affected | | |
| CloudForms Management Engine 5.11 | ansible-runner | Fixed | RHSA-2020:2480 | 10.06.2020 |
| CloudForms Management Engine 5.11 | cfme | Fixed | RHSA-2020:2480 | 10.06.2020 |
| CloudForms Management Engine 5.11 | cfme-amazon-smartstate | Fixed | RHSA-2020:2480 | 10.06.2020 |
| CloudForms Management Engine 5.11 | cfme-appliance | Fixed | RHSA-2020:2480 | 10.06.2020 |
Additional information
EPSS
CVSS3: 5.9 Medium
Related vulnerabilities
Possible Information Leak / Session Hijack Vulnerability in Rack