CVE-2021-43840

Published: Dic 17, 2021 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2021-2612 Aliases: GHSA-xmgj-5fh3-xjmm
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,4
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
LOW 3,5
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: single
Confidentiality: partial
Integrity: none
Availability: none

Description

AI Translation Available

message_bus is a messaging bus for Ruby processes and web clients. In versions prior to 3.3.7 users who deployed message bus with diagnostics features enabled (default off) are vulnerable to a path traversal bug, which could lead to disclosure of secret information on a machine if an unintended user were to gain access to the diagnostic route. The impact is also greater if there is no proxy for your web application as the number of steps up the directories is not bounded. For deployments which uses a proxy, the impact varies. For example, If a request goes through a proxy like Nginx with `merge_slashes` enabled, the number of steps up the directories that can be read is limited to 3 levels. This issue has been patched in version 3.3.7. Users unable to upgrade should ensure that MessageBus::Diagnostics is disabled.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0023
Percentile
0,5th
Updated

EPSS Score Trend (Last 90 Days)

22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Stable
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Confidentiality Availability
Potential Impacts:
Execute Unauthorized Code Or Commands Modify Files Or Directories Read Files Or Directories Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies: AI/ML
Likelihood of Exploit: High
View CWE Details
Application

Message Bus by Discourse

Product Information
Vendor Discourse
Product Message Bus
Version Range Affected
To 3.3.7 (exclusive)
cpe:2.3:a:discourse:message_bus:*:*:*:*:*:ruby:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/discourse/message_bus/commit/9b6deee01ed…
Patch Third Party Advisory
https://github.com/discourse/message_bus/commit/9b6deee01ed474c7e9b5ff65a06bb04…
https://github.com/discourse/message_bus/security/advisorie…
Third Party Advisory
https://github.com/discourse/message_bus/security/advisories/GHSA-xmgj-5fh3-xjmm
https://github.com/discourse/message_bus/commit/9b6deee01ed…
Patch Third Party Advisory
https://github.com/discourse/message_bus/commit/9b6deee01ed474c7e9b5ff65a06bb04…
https://github.com/discourse/message_bus/security/advisorie…
Third Party Advisory
https://github.com/discourse/message_bus/security/advisories/GHSA-xmgj-5fh3-xjmm