Lucene search
RubySecRUBY:RBOVIRT-2014-0036-104080HistoryMar 04, 2014 - 8:00 p.m.
CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client
2014-03-0420:00:00
RubySec
rubysec.com
6
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
53.6%
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with
SSL verification disabled, which allows remote attackers to conduct man-in-the-middle
attacks via unspecified vectors.
References
Related
openvas
openvas
Fedora Update for rubygem-rbovirt FEDORA-2014-3526
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3573
2014-03-17 00:00:00
Fedora Update for rubygem-rbovirt FEDORA-2014-3526
2014-03-17 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-rbovirt-0.0.18-4.fc19
2014-03-15 15:18:05
[SECURITY] Fedora 20 Update: rubygem-rbovirt-0.0.18-4.fc20
2014-03-15 15:23:32
prion
prion
Design/Logic Flaw
2014-04-17 14:55:00
osv
osv
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-24 18:33:36
nvd
nvd
CVE-2014-0036
2014-04-17 14:55:06
nessus
nessus
Fedora 20 : rubygem-rbovirt-0.0.18-4.fc20 (2014-3526)
2014-03-17 00:00:00
Fedora 19 : rubygem-rbovirt-0.0.18-4.fc19 (2014-3573)
2014-03-17 00:00:00
cve
cve
CVE-2014-0036
2014-04-17 14:55:06
cvelist
cvelist
CVE-2014-0036
2014-04-17 14:00:00
github
github
rbovirt uses the rest-client gem with SSL verification disabled
2017-10-24 18:33:36
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
53.6%
Related for RUBY:RBOVIRT-2014-0036-104080