CVE-2013-0263

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 08-02-2013 01:00

Last modified: - 08-02-2013 01:00

Total changes: - 10

Description

CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:N/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

None

Integrity

-

Privileges required

-

Scope

-

User interaction

5.0

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=candlepin-0 AND versionEndExcluding=0.7.24-1.el6_3

vendor=rhel_sam AND product=1.2 AND version=

AND

product=katello-0 AND versionEndExcluding=1.2.1.1-1h.el6_4

vendor=rhel_sam AND product=1.2 AND version=

AND

product=katello-configure-0 AND versionEndExcluding=1.2.3.1-4h.el6_4

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-actionpack-1 AND versionEndExcluding=3.0.10-12.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-activemodel-0 AND versionEndExcluding=3.0.10-3.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-delayed_job-0 AND versionEndExcluding=2.1.4-3.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-json-0 AND versionEndExcluding=1.7.3-2.el6_3

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-nokogiri-0 AND versionEndExcluding=1.5.0-0.9.beta4.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-rack-1 AND versionEndExcluding=1.3.0-4.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-rails_warden-0 AND versionEndExcluding=0.5.5-2.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=rubygem-rdoc-0 AND versionEndExcluding=3.8-6.el6cf

vendor=rhel_sam AND product=1.2 AND version=

AND

product=thumbslug-0 AND versionEndExcluding=0.0.28.1-1.el6_4

vendor=rhel_sam AND product=1.2 AND version=

AND

product=jenkins-0 AND versionEndExcluding=1.502-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=openshift-origin-cartridge-jenkins-1.4-0 AND versionEndExcluding=1.0.3-1.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=ruby193-rubygem-rack-1 AND versionEndExcluding=1.4.1-4.el6

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-rack-1 AND versionEndExcluding=1.3.0-4.el6op

vendor=Red Hat Enterprise Linux AND product=openshift AND version=1

AND

product=rubygem-rack AND version=

vendor=cloudforms_tools AND product=1

AND

product=rubygem-rack AND version=

vendor=Red Hat Enterprise Linux AND product=enterprise_mrg AND version=2

Reference

Keywords

REDHAT

CVE-2013-0263

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.