HTTP: Ruby on Rails Web Console CVE-2015-3224 Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Ruby on Rails. A successful attack can lead to arbitrary code execution.
Extended Description
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection mechanism via a crafted request.
Affected Products
Rubyonrails web_console
Short Name
HTTP:CTS:RUBY-RAILS-RCE
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2015-3224 Code Console Execution Rails Remote Ruby Web bid:75237 on
Release Date
04/07/2020
Supported Platforms
srx-branch-12.3
srx-branch-19.3
vsrx3bsd-19.2
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
srx-19.4
vsrx-12.3
srx-12.3
vsrx-19.2
srx-19.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Rubyonrails
CVSS Score
4.3