Modified
Published: 27 Mar 2019, 13:48
Last modified: 04 Aug 2024, 19:54

Vulnerability Summary

  • Overall Risk (default): high, 70/100
  • CVSS Score: 9.8 CRITICAL, v3.1 (nvd)
  • EPSS Score: 93.51% CRITICAL (94% probability +0.41%)
  • KEV: Not listed
  • Ransomware: No reports
  • Public exploits: 3 found
  • Dark Web: Not detected

Timeline

  • 27 Mar 2019, 13:48: Published (vulnerability first disclosed)
  • 04 Aug 2024, 19:54: Last Modified (vulnerability information updated)

Description

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.

CVSS Metrics

  • v3.1, CRITICAL, Score: 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • v2.0, HIGH, Score: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 93.51% Percentile: 100%

Techniques & Countermeasures

  • CWE-330: Use of Insufficiently Random Values

    The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

    The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Affected Systems

  • debian debian_linux

    8.0

  • fedoraproject fedora

    30

  • rails https://github.com/rails/rails

    5.2.2.1 | 6.0.0.beta3

  • rubyonrails rails

    < 5.2.2.1 | 6.0.0:beta1 | 6.0.0:beta2

References (5)