CVE-2012-2671
Published Jun 17, 2012
Last updated 11 years ago
Overview
- Description
- The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:0.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5923E7DD-281B-4291-88C2-87B9196A8F07"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBA313AF-BF9A-4427-B336-7A6B25E6BBC2"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F54DF9AA-4828-4373-BE0F-F76423AF495F"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:0.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83ACC7E3-8B18-472B-8B3B-8AE984DC1F5A"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:0.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9750927-2136-48EA-ADB8-2A7CE7310525"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58E442E4-80A1-4AB1-A1BD-C15C81C1FE4B"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "780342DD-AFAC-440A-92E2-B7C09CD01269"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3781271-7D47-44FC-99D5-38E2D390A131"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6EAEF4F-E5D2-49A4-AF11-7F7EC02CCAA9"
},
{
"criteria": "cpe:2.3:a:rtomayko:rack-cach:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13DC0743-0092-4011-963D-F3F273894771"
}
],
"operator": "OR"
}
]
}
]