Improper Authorization in actionpack gem for Ruby

Published: 2020-06-23

Risk	High
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2020-8185
CWE-ID	CWE-285
Exploitation vector	Network
Public exploit	Public exploit code for vulnerability #1 is available.
Vulnerable software Subscribe	actionpack Web applications / Modules and components for CMS
Vendor	Ruby

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Improper Authorization

EUVDB-ID: #VU29212

Risk: High

CVSSv3.1:

CVE-ID: CVE-2020-8185

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authorization process.

The vulnerability exists due to improper authorization. A remote attacker can execute any migrations that are pending for a Rails app running in production mode.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

actionpack: 6.0.0 - 6.0.3.1

CPE2.3

cpe:2.3:a:ruby:actionpack:6.0.3:rc1:*:*:*:rubygems:*:*

External links

http://snyk.io/vuln/SNYK-RUBY-ACTIONPACK-572498
http://github.com/rails/rails/commit/661da266b94909574426fd1121ef13b800e01b9a
http://groups.google.com/g/rubyonrails-security/c/pAe9EV8gbM0

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?