CVE-2021-41819 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CISA-ADP	ADP	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 71%

Affected Products (NVD)

Vendor	Product	Version
ruby-lang	cgi	0.1.0
ruby-lang	cgi	0.2.0
ruby-lang	cgi	0.3.0
ruby-lang	ruby	𝑥 ≤ 2.6.8
ruby-lang	ruby	2.7.0 ≤ 𝑥 < 2.7.5
ruby-lang	ruby	3.0.0 ≤ 𝑥 < 3.0.3
redhat	software_collections	-
redhat	enterprise_linux	8.0
debian	debian_linux	9.0
debian	debian_linux	10.0
debian	debian_linux	11.0
suse	linux_enterprise	11.0:sp1
suse	linux_enterprise	12.0
suse	linux_enterprise	15.0
opensuse	factory	-
opensuse	leap	15.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

ruby2.7

bullseye	2.7.4-1+deb11u1 fixed
bullseye (security)	2.7.4-1+deb11u2 fixed

Ubuntu Releases

Ubuntu Product

Codename

ruby2.3

trusty	ignored
xenial	Fixed 2.3.1-2~ubuntu16.04.16+esm2 released

ruby2.5

bionic	Fixed 2.5.1-1ubuntu1.11 released
trusty	ignored
xenial	ignored

ruby2.7

focal	Fixed 2.7.0-5ubuntu1.6 released
hirsute	Fixed 2.7.2-4ubuntu1.3 released
impish	Fixed 2.7.4-1ubuntu3.1 released
trusty	ignored
xenial	ignored

ruby3.0

jammy	Fixed 3.0.2-7ubuntu2 released
trusty	ignored
xenial	ignored

Known Exploits!

Common Weakness Enumeration

CWE-565 - Reliance on Cookies without Validation and Integrity Checking
The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.

References

https://hackerone.com/reports/910552

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/

https://security.gentoo.org/glsa/202401-27

https://security.netapp.com/advisory/ntap-20220121-0003/

https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/

https://hackerone.com/reports/910552

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/

https://security.gentoo.org/glsa/202401-27

https://security.netapp.com/advisory/ntap-20220121-0003/

https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/