CVE-2014-0036

Published Apr 17, 2014

Last updated 11 years ago

Overview

Description: The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
Source: secalert@redhat.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-310

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:*:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D021603E-B502-43BF-A06F-4BA43B759FD0",
            "versionEndIncluding": "0.0.23"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.1:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "988EA567-79E3-4F7D-882C-12D488FEA1BA"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.2:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4CE840EA-1F32-4E3F-B53C-93057F02D1BA"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.3:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CCC9717-41A9-4DB1-AAF3-4E4002CF591F"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.4:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "130F17C1-5F39-4123-A023-93D1242268D9"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.5:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE6B394A-C746-48AA-81D3-8C0D3A60263F"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.6:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B02EEC1-1398-470F-A3EC-D8A2B4F24BC0"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.7:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "378495A9-5CA7-4EB6-9709-ED41E73C0B6E"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.8:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C20B031E-03DA-4525-B881-607A360F0553"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.9:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC114173-BB7A-4C82-84A6-E9739F64FD46"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.10:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37588158-AB8F-4C7C-8645-D02AF379DCBA"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.11:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "967B1B67-55BC-44E7-93F3-0498668D17E2"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.12:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5BA94DC-D6EB-43E5-A8AD-8E3E4EE45647"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.13:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A6D3C7F-21F7-49B3-B16D-E24E751BA579"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.14:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "537C3352-B2A7-4D07-B52E-680FC37DEC34"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.15:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DC2EA73-09C7-429D-A892-DEB1C6727265"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.16:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "772A3C26-135F-48A3-AC92-8EAEF7905F8D"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.17:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7491D51-7E09-4E64-825A-3041C659AC57"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.18:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77211F03-7E04-4157-9856-F45E0F462363"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.19:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99E6217A-D695-43B2-A6FB-DF81257E39F9"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.20:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "650C680B-15AD-41D5-A214-DA9B2A6211AE"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.21:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5934151-5AA5-41B4-A5E1-08D6EE7708BB"
          },
          {
            "criteria": "cpe:2.3:a:amos_benari:rbovirt:0.0.22:*:*:*:*:ruby:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63F0501C-A3E3-4CB2-A73A-77000F1C6BEB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References