CVE-2021-22904

CVE-2021-22904

Name

CVE-2021-22904

Description

The actionpack ruby gem before 6.1.3.2, 6.0.3.7, 5.2.4.6, 5.2.6 suffers from a possible denial of service vulnerability in the Token Authentication logic in Action Controller due to a too permissive regular expression. Impacted code uses `authenticate_or_request_with_http_token` or `authenticate_with_http_token` for request authentication.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://discuss.rubyonrails.org/t/cve-2021-22904-possible-dos-vulnerability-in-action-controller-token-authentication/77869
MISC	https://hackerone.com/reports/1101125
Third Party Advisory	https://security.netapp.com/advisory/ntap-20210805-0009/

Type

URI

MISC

https://discuss.rubyonrails.org/t/cve-2021-22904-possible-dos-vulnerability-in-action-controller-token-authentication/77869

MISC

https://hackerone.com/reports/1101125

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210805-0009/

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:rubyonrails:rails::::::::`	rails	>= None	< 5.2.4.6
`cpe:2.3:a:rubyonrails:rails::::::::`	rails	>= 5.2.5	< 5.2.6
`cpe:2.3:a:rubyonrails:rails::::::::`	rails	>= 6.0.0	< 6.0.3.7
`cpe:2.3:a:rubyonrails:rails::::::::`	rails	>= 6.1.0	< 6.1.3.2

CPE URI

Source package

Min version

Max version

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

rails

>= None

< 5.2.4.6

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

rails

>= 5.2.5

< 5.2.6

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

rails

>= 6.0.0

< 6.0.3.7

cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*

rails

>= 6.1.0

< 6.1.3.2

References

Match rules

Vulnerable and fixed packages