CVE-2018-1000119

Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
Affected Products (NVD)
VendorProductVersion
sinatrarbrack-protection
𝑥
< 1.5.5
sinatrarbrack-protection
2.0.0:rc1
sinatrarbrack-protection
2.0.0:rc2
sinatrarbrack-protection
2.0.0:rc3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ruby-rack-protection
artful
ignored
bionic
Fixed 1.5.3-2+deb9u1build0.18.04.1
released
cosmic
not-affected
disco
not-affected
trusty
dne
xenial
Fixed 1.5.3-2+deb9u1build0.16.04.1
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
pcs
RHEL 7
0:0.9.162-5.el7_5.1
fixed
pcs-snmp
RHEL 7
0:0.9.162-5.el7_5.1
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2018:1060
https://github.com/sinatra/rack-protection/pull/98
https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb#commitcomment-27964109
https://www.debian.org/security/2018/dsa-4247
https://access.redhat.com/errata/RHSA-2018:1060
https://github.com/sinatra/rack-protection/pull/98
https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb#commitcomment-27964109
https://www.debian.org/security/2018/dsa-4247