Vulnerability Details : CVE-2021-41819
Potential exploit
CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affects the CGI gem through 0.3.0 for Ruby.
Products affected by CVE-2021-41819
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:15.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*
- cpe:2.3:a:ruby-lang:cgi:0.1.0:*:*:*:*:ruby:*:*
- cpe:2.3:a:ruby-lang:cgi:0.2.0:*:*:*:*:ruby:*:*
- cpe:2.3:a:ruby-lang:cgi:0.3.0:*:*:*:*:ruby:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
- cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*
Threat overview for CVE-2021-41819
Top countries where our scanners detected CVE-2021-41819
Top open port discovered on systems with this issue
80
IPs affected by CVE-2021-41819 69,407
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2021-41819!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2021-41819
0.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-41819
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2021-41819
-
The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-41819
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
[SECURITY] Fedora 34 Update: ruby-3.0.4-153.fc34 - package-announce - Fedora Mailing-Lists
-
https://www.ruby-lang.org/en/news/2021/11/24/cookie-prefix-spoofing-in-cgi-cookie-parse-cve-2021-41819/
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parseExploit;Vendor Advisory
-
https://security.gentoo.org/glsa/202401-27
Ruby: Multiple vulnerabilities (GLSA 202401-27) — Gentoo security
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IUXQCH6FRKANCVZO2Q7D2SQX33FP3KWN/
[SECURITY] Fedora 34 Update: ruby-3.0.4-153.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20220121-0003/
CVE-2021-41819 Ruby Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://hackerone.com/reports/910552
Sign inPermissions Required;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
[SECURITY] Fedora 35 Update: ruby-3.0.4-153.fc35 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UTOJGS5IEFDK3UOO7IY4OTTFGHGLSWZF/
[SECURITY] Fedora 35 Update: ruby-3.0.4-153.fc35 - package-announce - Fedora Mailing-Lists
Jump to