CVE-2009-2422 – rails

Package

Manager: gem
Name: rails
Vulnerable Version: >=0 <2.3.3

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00403 pctl0.6012

Details

rails vulnerable to improper authentication The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rails before 2.3.3 defines an authenticate_or_request_with_http_digest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication for applications that are derived from this example by sending an invalid username without a password.

Metadata

Created: 2017-10-24T18:33:38Z
Modified: 2024-02-14T21:33:07Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-rxq3-gm4p-5fj4/GHSA-rxq3-gm4p-5fj4.json
CWE IDs: ["CWE-287"]
Alternative ID: GHSA-rxq3-gm4p-5fj4
Finding: F006
Auto approve: 1