CVE-2019-5418
Rails 5.2.1 - Arbitrary File Content Disclosure
- Public Exploits: 9
- Exploited in Wild: -
- SSVC Decision: -
Descriptions
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
A content disclosure flaw was found in rubygem-actionview. Specially crafted accept headers, in combination with calls to 'render file:', can cause arbitrary files on the target server to be rendered, disclosing the file contents. Code execution cannot be ruled out if the attacker is able to gain access to the proper files. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Rails version 5.2.1 suffers from an arbitrary file content disclosure vulnerability.
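The descriptions above name the ingredient that made unpatched applications exposed: a `render file:` call whose template format was left for the request's Accept header to choose. The real fix is the upgrade to the patched versions listed on this page; the Rails advisory's workaround for applications that could not upgrade immediately was to pin the format with an explicit `formats:` option. The following is an added example, not code from this record or from Rails: a small static audit that scans Ruby source for file renders and flags those that leave the format unpinned, so they can be reviewed. The controller sources it scans are constructed samples embedded inline; `audit_source` and `unpinned_renders` are names chosen here.

```ruby
# Added example (not part of this CVE record or of Rails itself): a small static
# audit for the `render file:` pattern named in the descriptions. On unpatched
# Rails the template format of such a render could be steered by the request's
# Accept header; the Rails advisory's workaround was to pin it with an explicit
# `formats:` option. This script flags file renders that leave the format
# unpinned so they can be reviewed while the upgrade is scheduled.

# Matches `render file: ...` and the older `render :file => ...` spelling and
# captures everything after it so the options can be inspected.
RENDER_FILE = /\brender\b\s*\(?\s*(?:file:|:file\s*=>)\s*(?<args>.*)$/
PINNED_FORMATS = /\bformats:|:formats\s*=>/

Finding = Struct.new(:file, :line, :args, :pinned_formats)

# Scan one source file (given as a string) and return a Finding per file render.
def audit_source(filename, source)
  findings = []
  source.each_line.with_index(1) do |line, lineno|
    m = RENDER_FILE.match(line)
    next unless m
    findings << Finding.new(filename, lineno, m[:args].strip, m[:args].match?(PINNED_FORMATS))
  end
  findings
end

# Return only the file renders that do not pin formats:, across many sources.
def unpinned_renders(sources)
  sources.flat_map { |name, src| audit_source(name, src) }.reject(&:pinned_formats)
end

# Constructed controller sources standing in for a real app tree. The heredocs
# are single-quoted so the #{...} interpolations stay literal Ruby text.
SAMPLE_SOURCES = {
  'app/controllers/pages_controller.rb' => <<~'RUBY',
    class PagesController < ApplicationController
      def show
        # format left to the request: flagged by the audit
        render file: "#{Rails.root}/public/static/#{params[:page]}.html"
      end

      def about
        # format pinned to HTML: the advisory's workaround, not flagged
        render file: Rails.root.join("public", "about.html"), formats: [:html]
      end

      def index
        render :index # not a file render; ignored
      end
    end
  RUBY
  'app/controllers/legacy_controller.rb' => <<~'RUBY',
    class LegacyController < ApplicationController
      def old
        render :file => "public/legacy.html"
      end
    end
  RUBY
}.freeze

if __FILE__ == $PROGRAM_NAME
  unpinned_renders(SAMPLE_SOURCES).each do |f|
    puts "#{f.file}:#{f.line}: render file: without formats: -> #{f.args}"
  end
end
```

Run against a checkout by reading each `app/**/*.rb` file into the hash in place of the samples. The audit is a line-based regex, so a `render` whose options continue on the next line is reported as unpinned and needs a manual look; that is the conservative direction for a triage script.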
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-01-04 CVE Reserved
- 2019-03-18 First Exploit
- 2019-03-21 CVE Published
- 2024-08-04 CVE Updated
- 2024-11-13 EPSS Updated
- Exploited in Wild: -
- KEV Due Date: -
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (21)
URL | Tag | Source |
---|---|---|
https://groups.google.com/forum/#%21topic/rubyonrails-security/pFRKI96Sm8Q | X_refsource_confirm | |
https://lists.debian.org/debian-lts-announce/2019/03/msg00042.html | Mailing List | |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/46585 | 2024-08-04 | |
https://github.com/mpgn/CVE-2019-5418 | 2019-03-25 | |
https://github.com/brompwnie/CVE-2019-5418-Scanner | 2019-03-21 | |
https://github.com/omarkurt/CVE-2019-5418 | 2019-03-18 | |
https://github.com/takeokunn/CVE-2019-5418 | 2019-03-30 | |
https://github.com/random-robbie/CVE-2019-5418 | 2019-11-19 | |
https://github.com/kailing0220/CVE-2019-5418 | 2022-10-17 | |
https://github.com/ztgrace/CVE-2019-5418-Rails3 | 2019-10-04 | |
http://packetstormsecurity.com/files/152178/Rails-5.2.1-Arbitrary-File-Content-Disclosure.html | 2024-08-04 | |
URL | Date | SRC |
---|---|---|
http://www.openwall.com/lists/oss-security/2019/03/22/1 | 2023-11-07 | |
https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released | 2023-11-07 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Rubyonrails | Rails | >= 3.0.0 < 4.2.11.1 | - | Affected |
Rubyonrails | Rails | >= 5.0.0 < 5.0.7.2 | - | Affected |
Rubyonrails | Rails | >= 5.1.0 < 5.1.6.2 | - | Affected |
Rubyonrails | Rails | >= 5.2.0 < 5.2.2.1 | - | Affected |
Debian | Debian Linux | 8.0 | - | Affected |
Redhat | Cloudforms | 4.7 | - | Affected |
Opensuse | Leap | 15.0 | - | Affected |
Fedoraproject | Fedora | 30 | - | Affected |
Redhat | Cloudforms | 4.6 | - | Affected |
Redhat | Software Collections | 1.0 | - | Affected |