Description
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it possible for an attacker to forge a secure or host-only cookie prefix.
A flaw was found in rubygem-rack. An attacker may be able to trick a vulnerable application into processing an insecure (non-SSL) or cross-origin request if they can gain the ability to write arbitrary cookies that are sent to the application. The highest threat from this vulnerability is to data integrity.
Statement
Because the Red Hat OpenStack Platform 13.0 Operational Tools packages ship the flawed code but do not use its functionality, the Impact has been reduced to 'Low'. Red Hat Satellite 6 and Red Hat CloudForms ship the affected RubyGem Rack; however, since overwriting cookies is not possible there, these products are not vulnerable to the flaw. We may update the Rack dependency in future releases. Red Hat Gluster Storage 3 ships RubyGem Rack, but the version shipped does not contain the affected code. Therefore, it is impossible to overwrite cookies using this particular flaw.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| CloudForms Management Engine 5 | cfme-amazon-smartstate | Will not fix | ||
| CloudForms Management Engine 5 | cfme-gemset | Will not fix | ||
| Red Hat Enterprise Linux 9 | rubygem-rack | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) Operational Tools | rubygem-rack | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) Operational Tools | rubygem-rack | Fix deferred | ||
| Red Hat Satellite 6 | tfm-ror52-rubygem-rack | Affected | ||
| Red Hat Storage 3 | rubygem-rack | Not affected | ||
| Red Hat Satellite 6.8 for RHEL 7 | ansible-collection-redhat-satellite | Fixed | RHSA-2020:4366 | 27.10.2020 |
| Red Hat Satellite 6.8 for RHEL 7 | ansiblerole-foreman_scap_client | Fixed | RHSA-2020:4366 | 27.10.2020 |
| Red Hat Satellite 6.8 for RHEL 7 | ansiblerole-insights-client | Fixed | RHSA-2020:4366 | 27.10.2020 |
Additional information
CVSS3: 7.5 High
Related vulnerabilities
Rack allows Percent-encoded cookies to overwrite existing prefixed cookie names
Vulnerability in the parse_cookies_header function of utils.rb in Rack, a modular interface between web servers and web applications, that allows an attacker to affect data integrity