CVE-2017-0903 | Tenable®

Links

Tenable Community & Support

Tenable University

Settings

Severity

Theme

CVE-2017-0903

critical

Description

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

References

http://blog.rubygems.org/2017/10/09/2.6.14-released.html

http://blog.rubygems.org/2017/10/09/unsafe-object-deserialization-vulnerability.html

http://www.securityfocus.com/bid/101275

https://access.redhat.com/errata/RHSA-2017:3485

https://access.redhat.com/errata/RHSA-2018:0378

https://access.redhat.com/errata/RHSA-2018:0583

https://access.redhat.com/errata/RHSA-2018:0585

https://github.com/rubygems/rubygems/commit/510b1638ac9bba3ceb7a5d73135dafff9e5bab49

https://hackerone.com/reports/274990

https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html

https://usn.ubuntu.com/3553-1/

https://usn.ubuntu.com/3685-1/

https://www.debian.org/security/2017/dsa-4031

Details

Source: MITRE

Published: 2017-10-11

Updated: 2019-10-09

Type: CWE-502

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL