CVE-2024-26144
moderate-risk
Published 2024-02-27
Rails is a web-application framework. Starting with version 5.2.0, there is a possible sensitive session information leak in Active Storage. By default, Active Storage sends a Set-Cookie header along with the user's session cookie when serving blobs. It also sets Cache-Control to public. Certain proxies may cache the Set-Cookie, leading to an information leak. The vulnerability is fixed in 7.0.8.1 and 6.1.7.7.
Do I need to act?
~
3.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10
Medium
NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (12)
Third Party Advisory
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240510-0013/
Third Party Advisory
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activestorage/CVE-2...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20240510-0013/
32
/ 100
moderate-risk
Severity
21/34 · High
Exploitability
6/34 · Minimal
Exposure
5/34 · Minimal