Severity: 7.5 HIGH
EPSS: 0.8% (top 26.11%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 30; Latest update Dec 13

Description

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1, 5.1.6.1, and 5.2.1.1.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (5 packages)

RubyGems: activejob, affected from 4.2.0, fixed in 4.2.11 (+3)
NVD: rubyonrails/rails, affected from 4.2.0, fixed in 4.2.11 (+3)
Debian: rails, affected < 2:5.2.2+dfsg-1 (+3)
CVEList V5: https://github.com/rails/rails, 4 versions (+3)

Vulnerability Details (4)

OSV: Improper Access Control in activejob (2018-12-05)
GHSA: Improper Access Control in activejob (2018-12-05)
CVEList: CVE-2018-16476: A Broken Access Control vulnerability in Active Job versions >= 4 (2018-11-30)
OSV: CVE-2018-16476: A Broken Access Control vulnerability in Active Job versions >= 4 (2018-11-30)

Vendor Advisories (2)

Red Hat: activejob: Information Exposure through deserialization using GlobalId (2018-11-27)
Debian: CVE-2018-16476: rails - A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an ... (2018)

Community (2)

Bugzilla: CVE-2018-16476 activejob: Information Exposure through deserialization using GlobalId (2018-12-13)
Bugzilla: CVE-2018-16476 rubygem-activejob: activejob: Information Exposure through deserialization using GlobalId [fedora-all] (2018-12-13)
CVE-2018-16476 (HIGH CVSS 7.5) | A Broken Access Control vulnerabili | cvebase.io