Lucene search

K
githubGitHub Advisory DatabaseGHSA-XC85-32MF-XPV8
HistoryMay 05, 2022 - 2:48 a.m.

Rack arbitrary code execution via timing attack

2022-05-0502:48:42
GitHub Advisory Database
github.com
13

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.084 Low

EPSS

Percentile

94.2%

Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time.

CPENameOperatorVersion
racklt1.1.6
racklt1.2.8
racklt1.3.10
racklt1.4.5
racklt1.5.2

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.084 Low

EPSS

Percentile

94.2%

Related for GHSA-XC85-32MF-XPV8