Lucene search
HistoryApr 29, 2015 - 8:59 p.m.
CVE-2015-3448
cve-2015-3448
information security
ruby
rest client
passwords
username
vulnerability
8.4 High
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.3%
REST client for Ruby (aka rest-client) before 1.7.3 logs usernames and passwords, which allows local users to obtain sensitive information by reading the log.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rest-client_project:rest-client | rest-client project rest-client | le | 1.7.2 |
Related
ubuntucve
ubuntucve
CVE-2015-3448
2015-04-29 00:00:00
osv
osv
debiancve
debiancve
CVE-2015-3448
2015-04-29 20:59:00
nessus
nessus
FreeBSD : rest-client -- plaintext password disclosure (ffe2d86c-07d9-11e5-9a28-001e67150279)
2015-06-02 00:00:00
Fedora 23 : rubygem-rest-client (2015-8dce7405bf)
2016-07-14 00:00:00
RHEL 7 : Satellite 6.9 Release (Moderate) (RHSA-2021:1313)
2021-04-21 00:00:00
github
github
prion
prion
Cross site request forgery (csrf)
2015-04-29 20:59:00
freebsd
freebsd
rest-client -- plaintext password disclosure
2015-01-12 00:00:00
mageia
mageia
Updated ruby-rest-client packages fix security vulnerabilities
2015-05-15 21:23:49
fedora
fedora
[SECURITY] Fedora 23 Update: rubygem-rest-client-1.8.0-1.fc23
2015-08-27 18:31:37
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0227)
2022-01-28 00:00:00
redhat
redhat
(RHSA-2021:1313) Moderate: Satellite 6.9 Release
2021-04-21 12:43:38
8.4 High
AI Score
Confidence
High
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.3%
Related for CVE-2015-3448