CVE-2015-4020
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record with a domain that is suffixed with the original domain name, aka a "DNS hijack attack." NOTE: this vulnerability exists because to an incomplete fix for CVE-2015-3900.
RubyGems 2.0.x en versiones anteriores a 2.0.17, 2.2.x en versiones anteriores a 2.2.5 y 2.4.x en versiones anteriores a 2.4.8 no valida el nombre del host cuando recupera gemas o hace peticiones API, lo que permite a atacantes remotos redirigir peticiones a dominios arbitrarios mediante un registro DNS SRV con un dominio que está seguido del nombre del dominio original, también conocido como un "atacque de secuestro DNS". NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-3900.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-05-18 CVE Reserved
- 2015-08-25 CVE Published
- 2023-04-12 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | Third Party Advisory |
|
| http://www.securityfocus.com/bid/75431 | Vdb Entry | |
| https://github.com/rubygems/rubygems/commit/5c7bfb5 | X_refsource_confirm | |
| https://puppet.com/security/cve/CVE-2015-3900 | X_refsource_confirm | |
| https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-009/?fid=6478 | Third Party Advisory | |
| https://www.trustwave.com/Resources/SpiderLabs-Blog/Attacking-Ruby-Gem-Security-with-CVE-2015-3900 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://blog.rubygems.org/2015/06/08/2.2.5-released.html | 2017-12-09 | |
| http://blog.rubygems.org/2015/06/08/2.4.8-released.html | 2017-12-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 11.3 Search vendor "Oracle" for product "Solaris" and version "11.3" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | preview2 |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | preview2.1 |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | preview2.2 |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | rc1 |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.0 Search vendor "Rubygems" for product "Rubygems" and version "2.0.0" | rc2 |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.1 Search vendor "Rubygems" for product "Rubygems" and version "2.0.1" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.2 Search vendor "Rubygems" for product "Rubygems" and version "2.0.2" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.3 Search vendor "Rubygems" for product "Rubygems" and version "2.0.3" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.4 Search vendor "Rubygems" for product "Rubygems" and version "2.0.4" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.5 Search vendor "Rubygems" for product "Rubygems" and version "2.0.5" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.6 Search vendor "Rubygems" for product "Rubygems" and version "2.0.6" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.7 Search vendor "Rubygems" for product "Rubygems" and version "2.0.7" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.8 Search vendor "Rubygems" for product "Rubygems" and version "2.0.8" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.9 Search vendor "Rubygems" for product "Rubygems" and version "2.0.9" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.10 Search vendor "Rubygems" for product "Rubygems" and version "2.0.10" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.11 Search vendor "Rubygems" for product "Rubygems" and version "2.0.11" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.12 Search vendor "Rubygems" for product "Rubygems" and version "2.0.12" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.13 Search vendor "Rubygems" for product "Rubygems" and version "2.0.13" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.14 Search vendor "Rubygems" for product "Rubygems" and version "2.0.14" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.15 Search vendor "Rubygems" for product "Rubygems" and version "2.0.15" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.0.16 Search vendor "Rubygems" for product "Rubygems" and version "2.0.16" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.2.0 Search vendor "Rubygems" for product "Rubygems" and version "2.2.0" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.2.1 Search vendor "Rubygems" for product "Rubygems" and version "2.2.1" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.2.2 Search vendor "Rubygems" for product "Rubygems" and version "2.2.2" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.2.3 Search vendor "Rubygems" for product "Rubygems" and version "2.2.3" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.2.4 Search vendor "Rubygems" for product "Rubygems" and version "2.2.4" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.0 Search vendor "Rubygems" for product "Rubygems" and version "2.4.0" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.1 Search vendor "Rubygems" for product "Rubygems" and version "2.4.1" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.2 Search vendor "Rubygems" for product "Rubygems" and version "2.4.2" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.3 Search vendor "Rubygems" for product "Rubygems" and version "2.4.3" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.4 Search vendor "Rubygems" for product "Rubygems" and version "2.4.4" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.5 Search vendor "Rubygems" for product "Rubygems" and version "2.4.5" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.6 Search vendor "Rubygems" for product "Rubygems" and version "2.4.6" | - |
Affected
| ||||||
| Rubygems Search vendor "Rubygems" | Rubygems Search vendor "Rubygems" for product "Rubygems" | 2.4.7 Search vendor "Rubygems" for product "Rubygems" and version "2.4.7" | - |
Affected
| ||||||