SUSE update for rubygem-actionpack-5_1

1) Cross-site request forgery

EUVDB-ID: #VU28244

Risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-8166

CWE-ID: CWE-352 - Cross-Site Request Forgery (CSRF)

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin in the "authenticity_token" meta tag. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.

Mitigation

Update the affected package rubygem-actionpack-5_1 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise High Availability Extension 15: SP1 - SP5

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP5

SUSE Linux Enterprise Server 15: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Server 15 SP3 Business Critical Linux: 15-SP3

SUSE Linux Enterprise Server 15 SP2 Business Critical Linux: 15-SP2

SUSE Linux Enterprise Server 15 SP1 Business Critical Linux: 15-SP1

openSUSE Leap: 15.4 - 15.5

SUSE Manager Retail Branch Server: 4.0 - 4.3

SUSE Manager Proxy: 4.0 - 4.3

SUSE Manager Server: 4.0 - 4.3

ruby2.5-rubygem-actionpack-5_1: before 5.1.4-150000.3.29.1

ruby2.5-rubygem-actionpack-doc-5_1: before 5.1.4-150000.3.29.1

External links

http://www.suse.com/support/update/announcement/2024/suse-su-20240103-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.