Vulnerability Details : CVE-2017-11173
Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests. If the configuration were intended to allow only the trusted example.com domain name and not the malicious example.net domain name, then example.com.example.net (as well as example.com-example.net) would be inadvertently allowed.
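The anchoring problem described above, as an added Ruby example (not rack-cors's own code): an origin regex generated from an allowed host is shown without and with an end-of-string anchor, and each is matched against constructed Origin header values, including the two look-alike hosts named in the advisory.

```ruby
# Added example (not rack-cors's own code): why a generated origin regex
# must be anchored at BOTH ends. CVE-2017-11173 was fixed by adding the
# end anchor to the regex built from a string origin.

# Build a matcher the way an unanchored generator would: scheme, "://",
# the escaped allowed host, and then no end anchor at all.
def unanchored_origin_regex(host)
  /\A[a-z][a-z0-9.+-]*:\/\/#{Regexp.escape(host)}/
end

# Same regex with an end-of-string anchor (\z), so the Origin value must
# end exactly where the allowed host ends.
def anchored_origin_regex(host)
  /\A[a-z][a-z0-9.+-]*:\/\/#{Regexp.escape(host)}\z/
end

# Returns true if the Origin header value is accepted by the matcher.
def origin_allowed?(regex, origin)
  origin.match?(regex)
end

# Constructed Origin header values: the trusted origin plus the two
# attacker-controlled look-alike hosts from the advisory text.
ORIGINS = [
  "https://example.com",
  "https://example.com.example.net",
  "https://example.com-example.net",
].freeze

# Returns the subset of ORIGINS a given matcher would allow.
def allowed_origins(regex)
  ORIGINS.select { |o| origin_allowed?(regex, o) }
end

if __FILE__ == $PROGRAM_NAME
  # Unanchored: all three pass, because the regex only checks a prefix.
  puts "unanchored: #{allowed_origins(unanchored_origin_regex('example.com')).inspect}"
  # Anchored: only the trusted origin passes.
  puts "anchored:   #{allowed_origins(anchored_origin_regex('example.com')).inspect}"
end
```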
Products affected by CVE-2017-11173
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:rack-cors_project:rack-cors:*:*:*:*:*:ruby:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-11173
- EPSS score: 1.75% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~81% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2017-11173
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
References for CVE-2017-11173
- https://packetstormsecurity.com/files/143345/rack-cors-Missing-Anchor.html
  rack-cors Missing Anchor ≈ Packet Storm (Third Party Advisory; VDB Entry)
- http://www.debian.org/security/2017/dsa-3931
  Debian -- Security Information -- DSA-3931-1 ruby-rack-cors (Third Party Advisory)
- https://github.com/cyu/rack-cors/commit/42ebe6caa8e85ffa9c8a171bda668ba1acc7a5e6
  Add end string anchor to string origin def · cyu/rack-cors@42ebe6c · GitHub (Patch; Third Party Advisory)
- http://seclists.org/fulldisclosure/2017/Jul/22
  Full Disclosure: CVE-2017-11173 Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests (Mailing List; Third Party Advisory)