GHSA-rxq3-gm4p-5fj4

Source

https://github.com/advisories/GHSA-rxq3-gm4p-5fj4

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2017/10/GHSA-rxq3-gm4p-5fj4/GHSA-rxq3-gm4p-5fj4.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-rxq3-gm4p-5fj4

Aliases

CVE-2009-2422

Published

2017-10-24T18:33:38Z

Modified

2024-02-16T08:14:01.612807Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

rails vulnerable to improper authentication

Details

The example code for the digest authentication functionality (httpauthentication.rb) in Ruby on Rails before 2.3.3 defines an authenticateorrequestwithhttpdigest block that returns nil instead of false when the user does not exist, which allows context-dependent attackers to bypass authentication for applications that are derived from this example by sending an invalid username without a password.

Database specific

{
    "nvd_published_at": "2009-07-10T15:30:00Z",
    "cwe_ids": [
        "CWE-287"
    ],
    "severity": "CRITICAL",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:56:22Z"
}

References

Affected packages

RubyGems / rails

Package

Name: rails
Purl: pkg:gem/rails

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.3

Affected versions

0.*

0.8.0

0.8.5

0.9.0

0.9.1

0.9.2

0.9.3

0.9.4

0.9.4.1

0.9.5

0.10.0

0.10.1

0.11.0

0.11.1

0.12.0

0.12.1

0.13.0

0.13.1

0.14.1

0.14.2

0.14.3

0.14.4

1.*

1.0.0

1.1.0

1.1.1

1.1.2

1.1.3

1.1.4

1.1.5

1.1.6

1.2.0

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

2.*

2.0.0

2.0.1

2.0.2

2.0.4

2.0.5

2.1.0

2.1.1

2.1.2

2.2.2

2.2.3

2.3.2