Lucene search
HistoryApr 17, 2014 - 2:55 p.m.
CVE-2014-0036
rbovirt
gem
ruby
ssl verification
rest-client
cve-2014-0036
security vulnerability
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.8%
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
Affected configurations
Node
amos_benarirbovirtRange≤0.0.23ruby
ORamos_benarirbovirtMatch0.0.1ruby
ORamos_benarirbovirtMatch0.0.2ruby
ORamos_benarirbovirtMatch0.0.3ruby
ORamos_benarirbovirtMatch0.0.4ruby
ORamos_benarirbovirtMatch0.0.5ruby
ORamos_benarirbovirtMatch0.0.6ruby
ORamos_benarirbovirtMatch0.0.7ruby
ORamos_benarirbovirtMatch0.0.8ruby
ORamos_benarirbovirtMatch0.0.9ruby
ORamos_benarirbovirtMatch0.0.10ruby
ORamos_benarirbovirtMatch0.0.11ruby
ORamos_benarirbovirtMatch0.0.12ruby
ORamos_benarirbovirtMatch0.0.13ruby
ORamos_benarirbovirtMatch0.0.14ruby
ORamos_benarirbovirtMatch0.0.15ruby
ORamos_benarirbovirtMatch0.0.16ruby
ORamos_benarirbovirtMatch0.0.17ruby
ORamos_benarirbovirtMatch0.0.18ruby
ORamos_benarirbovirtMatch0.0.19ruby
ORamos_benarirbovirtMatch0.0.20ruby
ORamos_benarirbovirtMatch0.0.21ruby
ORamos_benarirbovirtMatch0.0.22ruby
Related
nessus
nessus
Fedora 20 : rubygem-rbovirt-0.0.18-4.fc20 (2014-3526)
2014-03-17 00:00:00
Fedora 19 : rubygem-rbovirt-0.0.18-4.fc19 (2014-3573)
2014-03-17 00:00:00
openvas
openvas
Fedora Update for rubygem-rbovirt FEDORA-2014-3573
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3573
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3526
2014-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-rbovirt-0.0.18-4.fc20
2014-03-15 15:23:32
[SECURITY] Fedora 19 Update: rubygem-rbovirt-0.0.18-4.fc19
2014-03-15 15:18:05
osv
osv
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-24 18:33:36
nvd
nvd
CVE-2014-0036
2014-04-17 14:55:06
prion
prion
Design/Logic Flaw
2014-04-17 14:55:00
cvelist
cvelist
CVE-2014-0036
2014-04-17 14:00:00
github
github
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-24 18:33:36
rubygems
rubygems
CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client
2014-03-04 20:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.5 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.8%
Related for CVE-2014-0036