CVE-2016-4442: rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings and objects

CVSS Score (v3.0): 5.3

Basic Information

EPSS Score: 0.51299%
Published: 10/24/2017
Updated: 1/23/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Package Name        Ecosystem   Vulnerable Versions   First Patched Version
rack-mini-profiler  rubygems    < 0.10.1              0.10.1

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stemmed from two key issues: 1) The ClientSettings initialization and cookie validation in whitelist mode did not properly check allowed tokens before processing requests, as seen in the pre-patch has_cookie? method. 2) The Profiler's call method executed profiling logic before completing authorization checks. The fix (GHSA-j5hj-fhc9-g24m) moved security validations earlier in the pipeline and added proper token verification in ClientSettings#has_valid_cookie?. The commit shows critical changes to authorization flow in these functions.
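The ordering problem described above, as an added illustration that is not rack-mini-profiler's code: a simplified ClientSettings (the cookie name and the whitelist are assumptions) and two Rack-style middlewares, one that collects the profile first and only checks cookie presence afterwards, and one that verifies the whitelisted token before any profiling runs.

```ruby
require 'json'

# Simplified stand-in for rack-mini-profiler's ClientSettings (not the gem's code):
# the client token comes from a cookie; whitelist mode honours only tokens on a
# constructed allow-list.
class ClientSettings
  COOKIE = '__profilin'            # cookie name assumed for illustration
  ALLOWED = ['tok-allowed'].freeze # constructed whitelist
  def initialize(env)
    pairs = (env['HTTP_COOKIE'] || '').split(/;\s*/).map { |kv| kv.split('=', 2) }
    @token = pairs.select { |kv| kv.length == 2 }.to_h[COOKIE]
  end
  def has_cookie?       # pre-patch shape: presence only
    !@token.nil?
  end
  def has_valid_cookie? # post-patch shape: token must be whitelisted
    !@token.nil? && ALLOWED.include?(@token)
  end
end
# Stand-ins for the wrapped app and for the allocation data a profiler collects.
APP = ->(_env) { [200, { 'content-type' => 'text/plain' }, ['hello']] }
def collect_profile(env)
  { 'path' => env['PATH_INFO'], 'allocated_objects' => GC.stat(:total_allocated_objects) }
end
# Pre-patch ordering: the profile is collected before the caller is authorised,
# and the late check only tests cookie presence, so any cookie value passes.
VulnerableProfiler = Struct.new(:app) do
  def call(env)
    settings = ClientSettings.new(env)
    status, headers, body = app.call(env)
    profile = collect_profile(env)                              # sensitive work first
    return [status, headers, body] unless settings.has_cookie?  # presence check, too late
    [200, { 'content-type' => 'application/json' }, [profile.to_json]]
  end
end
# Post-patch ordering: verify the whitelisted token before any profiling runs;
# unauthorised callers just get the plain application response.
HardenedProfiler = Struct.new(:app) do
  def call(env)
    return app.call(env) unless ClientSettings.new(env).has_valid_cookie?
    [200, { 'content-type' => 'application/json' }, [collect_profile(env).to_json]]
  end
end
# Does a request carrying this Cookie header get the profile back?
def exposes_profile?(middleware, cookie)
  env = { 'PATH_INFO' => '/', 'HTTP_COOKIE' => cookie }  # constructed request
  _status, headers, _body = middleware.new(APP).call(env)
  headers['content-type'] == 'application/json'
end
```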

WAF Protection Rules

WAF Rule

The rack-mini-profiler gem before 0.10.1 for Ruby allows remote attackers to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
