
CVE-2015-2179: xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

CVSS Score: 5.5 (CVSS v3.1)

Basic Information

EPSS Score: 0.15428%
Published: 1/26/2023
Updated: 12/14/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package Name          Ecosystem   Vulnerable Versions   First Patched Version
xaviershay-dm-rails   rubygems    <= 1.2.0              (none listed)

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The advisory explicitly identifies the execute() function in storage.rb as the source of the vulnerability. The provided code snippet shows MySQL credentials being passed as plaintext command-line arguments via system(), which are visible in process listings. This matches the described exposure mechanism (CWE-200) where local attackers can view credentials via process inspection tools.
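The following Ruby example is added here to illustrate the pattern the analysis describes; it is not code from the advisory, the gem or Miggo. The credential values, the `mysql` command line and the option-file alternative are assumptions made for this example and are not the project's actual code or fix. It contrasts an argv that carries the password (visible in the process table to any local user while the child runs) with an argv that carries only the path of a 0600 option file, and includes the check a reviewer or test would run against a command line.

```ruby
require "tempfile"

# Constructed sample credentials (not from the advisory or the gem).
CREDS = {
  user: "app",
  password: "s3cret-example",
  host: "127.0.0.1",
  database: "app_development"
}.freeze

# Vulnerable pattern, as the advisory describes it: the password is placed in
# argv, so it shows up in `ps -ef` and /proc/<pid>/cmdline for every local
# user while the mysql child process runs.
def vulnerable_argv(creds)
  ["mysql", "-h", creds[:host], "-u", creds[:user],
   "--password=#{creds[:password]}", creds[:database]]
end

# Hardened alternative (an assumption for this example, not the project's own
# fix): write the password to an option file readable only by the current user
# and pass just that file's path on the command line. Returns the argv and the
# Tempfile; the caller keeps the Tempfile open until the child has exited.
def hardened_argv(creds)
  cnf = Tempfile.new(["mysql-client", ".cnf"])   # Tempfile creates it with mode 0600
  cnf.chmod(0o600)                               # make the intent explicit anyway
  cnf.write("[client]\nhost=#{creds[:host]}\nuser=#{creds[:user]}\n" \
            "password=#{creds[:password]}\n")
  cnf.flush
  # --defaults-extra-file must be the first option given to the mysql client
  [["mysql", "--defaults-extra-file=#{cnf.path}", creds[:database]], cnf]
end

# Review-style check on a command line: does any argv element carry the secret?
def leaks_secret?(argv, secret)
  argv.any? { |arg| arg.include?(secret) }
end

# Permission bits of the option file, for verifying it is owner-only.
def option_file_mode(path)
  File.stat(path).mode & 0o777
end

# Launch with the array form of Kernel#system, which execs directly without a
# shell, so no argv element is reinterpreted by /bin/sh.
def run_mysql(argv)
  system(*argv)
end

if $PROGRAM_NAME == __FILE__
  puts "vulnerable argv leaks password: #{leaks_secret?(vulnerable_argv(CREDS), CREDS[:password])}"
  argv, cnf = hardened_argv(CREDS)
  puts "hardened argv leaks password:   #{leaks_secret?(argv, CREDS[:password])}"
  cnf.close!
end
```

The option file must outlive the child process, so the Tempfile is returned to the caller rather than closed inside the helper; the array form of `system` is used so that the database name or host can never be interpreted by a shell.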


WAF Protection Rules

WAF Rule

xaviershay-dm-rails Gem for Ruby contains a flaw in the `execute()` function in `/datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb`. The issue is due to the function exposing sensitive information via the process table. This may allow a local
