Vulnerability Name:

CVE-2018-3760 (CCN-144979)

Assigned: 2017-12-28
Published: 2018-06-19
Updated: 2019-10-09
Summary: There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exist on the filesystem outside an application's root directory when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the workarounds immediately.
CVSS v3 Severity: 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-200
Vulnerability Consequences: Obtain Information
References:
Source: MITRE
Type: CNA
CVE-2018-3760

Source: CCN
Type: oss-sec Mailing List, Tue, 19 Jun 2018 11:37:54 -0400
[CVE-2018-3760] Path Traversal in Sprockets

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2244

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2245

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2561

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2745

Source: XF
Type: UNKNOWN
sprockets-cve20183760-dir-traversal(144979)

Source: CCN
Type: Sprockets GIT Repository
Sprockets

Source: MISC
Type: Broken Link
https://github.com/rails/sprockets/commit/c09131cf5b2c479263939c8582e22b98ed616c5f
https://github.com/rails/sprockets/commit/9c34fa05900b968d74f08ccf40917848a7be9441
https://github.com/rails/sprockets/commit/18b8a7f07a50c245e9aee7854ecdbe606bbd8bb5

Source: MISC
Type: Patch, Third Party Advisory
https://groups.google.com/d/msg/rubyonrails-security/ft_J--l55fM/7roDfQ50BwAJ

Source: DEBIAN
Type: Third Party Advisory
DSA-4242

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-3760

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:sprockets_project:sprockets:*:*:*:*:*:*:*:* (Version >= 2.0.0 and <= 2.12.4)
  • OR cpe:/a:sprockets_project:sprockets:*:*:*:*:*:*:*:* (Version >= 3.0.0 and <= 3.7.1)
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta2:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta3:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta4:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta5:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta6:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:4.0.0:beta7:*:*:*:*:*:*

Configuration 3:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:sprockets_project:sprockets:3.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:sprockets_project:sprockets:2.12.4:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:20183760 | V | CVE-2018-3760 | 2022-06-30
oval:org.opensuse.security:def:28 | P | collectd-5.10.0-1.108 on GA media (Moderate) | 2022-06-13
oval:org.opensuse.security:def:113409 | P | ruby2.7-rubygem-sprockets-3.7-3.7.2-1.10 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:113410 | P | ruby2.7-rubygem-sprockets-4.0.2-1.7 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:57149 | P | Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important) | 2021-12-14
oval:org.opensuse.security:def:67551 | P | Security update for the Linux Kernel (Important) | 2021-12-06
oval:org.opensuse.security:def:57137 | P | Security update for xen (Moderate) | 2021-12-01
oval:org.opensuse.security:def:4232 | P | Security update for MozillaFirefox (Important) | 2021-11-19
oval:org.opensuse.security:def:60391 | P | Security update for python3 (Moderate) | 2021-10-20
oval:org.opensuse.security:def:60389 | P | Security update for strongswan (Important) | 2021-10-19
oval:org.opensuse.security:def:106814 | P | ruby2.7-rubygem-sprockets-3.7-3.7.2-1.10 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:106815 | P | ruby2.7-rubygem-sprockets-4.0.2-1.7 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:4220 | P | Security update for grilo (Important) | 2021-09-23
oval:org.opensuse.security:def:58017 | P | Security update for xen (Important) | 2021-09-23
oval:org.opensuse.security:def:58005 | P | Security update for transfig (Moderate) | 2021-09-16
oval:org.opensuse.security:def:57993 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important) | 2021-08-25
oval:org.opensuse.security:def:59784 | P | Security update for python-PyYAML (Important) | 2021-08-24
oval:org.opensuse.security:def:4147 | P | Security update for fetchmail (Moderate) | 2021-08-20
oval:org.opensuse.security:def:59782 | P | Security update for java-1_8_0-openjdk (Important) | 2021-08-20
oval:org.opensuse.security:def:57981 | P | Security update for dbus-1 (Important) | 2021-08-02
oval:org.opensuse.security:def:70791 | P | Security update for MozillaThunderbird (Important) | 2021-07-22
oval:org.opensuse.security:def:57031 | P | Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) | 2021-06-18
oval:org.opensuse.security:def:4134 | P | Security update for djvulibre (Important) | 2021-06-10
oval:org.opensuse.security:def:70904 | P | freetype2-devel-2.9-2.13 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:57931 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) | 2021-06-04
oval:org.opensuse.security:def:4126 | P | Security update for djvulibre (Important) | 2021-05-19
oval:org.opensuse.security:def:57912 | P | Security update for samba (Important) | 2021-05-04
oval:org.opensuse.security:def:4189 | P | Security update for openexr (Important) | 2021-05-04
oval:org.opensuse.security:def:5028 | P | Security update for samba (Important) | 2021-04-29
oval:org.opensuse.security:def:57900 | P | Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important) | 2021-04-28
oval:org.opensuse.security:def:59601 | P | Security update for openssl-1_0_0 (Moderate) | 2021-03-08
oval:org.opensuse.security:def:59599 | P | Security update for grub2 (Important) | 2021-03-02
oval:org.opensuse.security:def:57043 | P | Security update for sudo (Important) | 2021-01-26
oval:org.opensuse.security:def:57943 | P | Security update for ImageMagick (Important) | 2021-01-22
oval:org.opensuse.security:def:4368 | P | Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) (Important) | 2020-12-07
oval:org.opensuse.security:def:4361 | P | Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP5) (Important) | 2020-12-07
oval:org.opensuse.security:def:4364 | P | Security update for the Linux Kernel (Live Patch 3 for SLE 12 SP5) (Important) | 2020-12-07
oval:org.opensuse.security:def:103203 | P | ruby2.5-rubygem-sprockets-3.7.2-3.3.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:89548 | P | ruby2.5-rubygem-sprockets-3.7.2-3.3.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:96513 | P | ruby2.5-rubygem-sprockets-3.7.2-3.3.1 on GA media (Moderate) | 2020-12-03
oval:org.opensuse.security:def:4309 | P | Security update for the Linux Kernel (Live Patch 9 for SLE 15) (Important) | 2020-12-02
oval:org.opensuse.security:def:4329 | P | Security update for the Linux Kernel (Live Patch 11 for SLE 15) (Important) | 2020-12-02
oval:org.opensuse.security:def:4248 | P | Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important) | 2020-12-02
oval:org.opensuse.security:def:5006 | P | Security update for tomcat (Important) | 2020-12-02
oval:org.opensuse.security:def:4354 | P | Security update for the Linux Kernel (Live Patch 18 for SLE 15) (Important) | 2020-12-02
oval:org.opensuse.security:def:56480 | P | Security update for webkit2gtk3 (Important) | 2020-12-01
oval:org.opensuse.security:def:60767 | P | Security update for pdns (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59165 | P | Security update for procps (Important) | 2020-12-01
oval:org.opensuse.security:def:57303 | P | Security update for bind (Important) | 2020-12-01
oval:org.opensuse.security:def:60817 | P | Security update for java-1_7_1-ibm (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56870 | P | Security update for libssh2_org (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60606 | P | Security update for bzip2 (Important) | 2020-12-01
oval:org.opensuse.security:def:57708 | P | elfutils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59166 | P | Security update for texlive (Important) | 2020-12-01
oval:org.opensuse.security:def:64117 | P | Security update for squid (Important) | 2020-12-01
oval:org.opensuse.security:def:59900 | P | Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP2) (Important) | 2020-12-01
oval:org.opensuse.security:def:60688 | P | Security update for squid (Important) | 2020-12-01
oval:org.opensuse.security:def:59348 | P | Security update for bluez (Important) | 2020-12-01
oval:org.opensuse.security:def:57788 | P | libdcerpc-binding0-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60846 | P | Security update for rubygem-sprockets-2_12 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56492 | P | Security update for kernel-firmware (Important) | 2020-12-01
oval:org.opensuse.security:def:60769 | P | Security update for python-pip (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59167 | P | Security update for kernel-firmware (Important) | 2020-12-01
oval:org.opensuse.security:def:57315 | P | Security update for curl | 2020-12-01
oval:org.opensuse.security:def:60819 | P | Security update for java-1_8_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:56620 | P | Security update for samba (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60507 | P | perl-LWP-Protocol-https on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:64204 | P | ruby2.5-rubygem-sprockets on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59168 | P | Security update for python (Important) | 2020-12-01
oval:org.opensuse.security:def:57588 | P | Security update for java-1_7_0-openjdk (Important) | 2020-12-01
oval:org.opensuse.security:def:56457 | P | Security update for libzip (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59902 | P | Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2) (Important) | 2020-12-01
oval:org.opensuse.security:def:60690 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:57800 | P | libgssglue1 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60848 | P | Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59188 | P | Security update for ntp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:67451 | P | Security update for mozilla-nss (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56458 | P | Security update for spice (Important) | 2020-12-01
oval:org.opensuse.security:def:60089 | P | Security update for java-1_8_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:60726 | P | Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important) | 2020-12-01
oval:org.opensuse.security:def:57862 | P | libtiff5-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56632 | P | Security update for jasper (Moderate) | 2020-12-01
oval:org.opensuse.security:def:60509 | P | perl-XML-LibXML on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57600 | P | Security update for libksba (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56469 | P | Security update for xerces-j2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56858 | P | Security update for systemd (Important) | 2020-12-01
oval:org.opensuse.security:def:60604 | P | Security update for ardana and crowbar (Important) | 2020-12-01
oval:org.opensuse.security:def:59190 | P | Security update for openssl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:57696 | P | cyrus-sasl on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:56470 | P | Security update for xen (Important) | 2020-12-01
oval:org.opensuse.security:def:60091 | P | Security update for curl (Important) | 2020-12-01
oval:org.opensuse.security:def:60728 | P | Security update for python-ipaddress (Important) | 2020-12-01
oval:org.opensuse.security:def:57874 | P | libyaml-0-2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:59346 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:84301 | P | Security update for crowbar, crowbar-core, crowbar-ha, crowbar-init, crowbar-openstack, crowbar-ui (Moderate) | 2018-09-20
oval:org.opensuse.security:def:80652 | P | Security update for crowbar, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui (Moderate) | 2018-09-04
oval:org.opensuse.security:def:80640 | P | Security update for rubygem-sprockets-2_12 (Moderate) | 2018-08-06
oval:org.opensuse.security:def:84299 | P | Security update for rubygem-sprockets-2_12 (Moderate) | 2018-08-02
oval:com.ubuntu.bionic:def:201837600000000 | V | CVE-2018-3760 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-06-26
oval:com.ubuntu.artful:def:20183760000 | V | CVE-2018-3760 on Ubuntu 17.10 (artful) - medium. | 2018-06-26
oval:com.ubuntu.xenial:def:20183760000 | V | CVE-2018-3760 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-06-26
oval:com.ubuntu.xenial:def:201837600000000 | V | CVE-2018-3760 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-06-26
oval:com.ubuntu.bionic:def:20183760000 | V | CVE-2018-3760 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-06-26
oval:com.ubuntu.disco:def:201837600000000 | V | CVE-2018-3760 on Ubuntu 19.04 (disco) - medium. | 2018-06-26
oval:com.ubuntu.cosmic:def:20183760000 | V | CVE-2018-3760 on Ubuntu 18.10 (cosmic) - medium. | 2018-06-26
oval:com.ubuntu.cosmic:def:201837600000000 | V | CVE-2018-3760 on Ubuntu 18.10 (cosmic) - medium. | 2018-06-26
oval:com.ubuntu.trusty:def:20183760000 | V | CVE-2018-3760 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-06-26