// For flags

CVE-2018-12027

 

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.

Una vulnerabilidad de permisos inseguros en SpawningKit en Phusion Passenger en versiones 5.3.x anteriores a la 5.3.2 provoca una divulgación de información en la siguiente situación: dado un proceso de la aplicación generado por Passenger que informa de que escucha en un determinado socket de dominio de Unix, si cualquiera de los directorios padre de dicho socket pueden ser escritos por un usuario normal que no sea el de la aplicación, el usuario que no es de la aplicación puede cambiar ese directorio por otra cosa, lo que resulta en que el tráfico se redirige a un proceso del usuario que no es de la aplicación mediante un socket de dominio de Unix alternativo.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-06-07 CVE Reserved
  • 2018-06-17 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (2)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://blog.phusion.nl/passenger-5-3-2 2019-10-03
https://security.gentoo.org/glsa/201807-02 2019-10-03
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Phusion
Search vendor "Phusion"
 Passenger
Search vendor "Phusion" for product "Passenger"
 >= 5.3.0 < 5.3.2
Search vendor "Phusion" for product "Passenger" and version " >= 5.3.0 < 5.3.2"
-
Affected