Vulnerability Name:

CVE-2018-1000119

Assigned:2018-03-07
Published:2015-05-25
Updated:2018-04-11
Summary:Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to be exploitable via network connectivity to the ruby application. This vulnerability appears to have been fixed in 1.5.5 and 2.0.0.
CVSS v3 Severity:5.9 Medium (CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
7.5 High (CCN CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
3.7 Low (REDHAT CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
3.2 Low (REDHAT Temporal CVSS v3 Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
CWE-385
References:Source: REDHAT
Type: UNKNOWN
RHSA-2018:1060

Source: XF
Type: UNKNOWN
sinatra-cve20181000119-info-disc(140118)

Source: CONFIRM
Type: VENDOR_ADVISORY
https://github.com/sinatra/rack-protection/pull/98

Source: CONFIRM
Type: VENDOR_ADVISORY
https://github.com/sinatra/sinatra/commit/8aa6c42ef724f93ae309fb7c5668e19ad547eceb#commitcomment-27964109

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sinatrarb:sinatra:2.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:sinatrarb:sinatra:2.0.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:sinatrarb:sinatra:2.0.0:rc3:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20181060
    P
    RHSA-2018:1060: pcs security update (Important)
    2018-04-10
    oval:com.ubuntu.artful:def:20181000119000
    V
    CVE-2018-1000119 on Ubuntu 17.10 (artful) - medium.
    2018-03-07
    oval:com.ubuntu.trusty:def:20181000119000
    V
    CVE-2018-1000119 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-03-07
    oval:com.ubuntu.xenial:def:20181000119000
    V
    CVE-2018-1000119 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-03-07
    BACK
    sinatrarb sinatra 2.0.0 rc1
    sinatrarb sinatra 2.0.0 rc2
    sinatrarb sinatra 2.0.0 rc3