CVE-2021-29435 - OpenCVE

trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially allows an attacker to alter protected data, including admin account credentials. The vulnerability has been fixed in trestle-auth 0.4.2 released to RubyGems.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Trestle-auth Project	Trestle-auth

Configuration 1 [-]

OR	cpe:2.3:a:trestle-auth_project:trestle-auth:0.4.0:::::ruby::
	cpe:2.3:a:trestle-auth_project:trestle-auth:0.4.1:::::ruby::

No data.

References

Link	Providers
https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc
https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf
https://rubygems.org/gems/trestle-auth

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2021-04-13T17:00:21

Updated: 2024-08-03T22:02:51.930Z

Reserved: 2021-03-30T00:00:00

Link: CVE-2021-29435

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-04-13T20:15:21.907

Modified: 2021-04-19T15:19:49.717

Link: CVE-2021-29435

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "trestle-auth", "vendor": "TrestleAdmin", "versions": [{"status": "affected", "version": ">= 0.4.0, < 0.4.2"}]}], "descriptions": [{"lang": "en", "value": "trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially allows an attacker to alter protected data, including admin account credentials. The vulnerability has been fixed in trestle-auth 0.4.2 released to RubyGems."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-352", "description": "{\"CWE-352\":\"Cross-Site Request Forgery (CSRF)\"}", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-04-13T17:00:21", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc"}, {"tags": ["x_refsource_MISC"], "url": "https://rubygems.org/gems/trestle-auth"}], "source": {"advisory": "GHSA-h8hx-2c5r-32cf", "discovery": "UNKNOWN"}, "title": "Cross-Site Request Forgery (CSRF) in trestle-auth", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-29435", "STATE": "PUBLIC", "TITLE": "Cross-Site Request Forgery (CSRF) in trestle-auth"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "trestle-auth", "version": {"version_data": [{"version_value": ">= 0.4.0, < 0.4.2"}]}}]}, "vendor_name": "TrestleAdmin"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially allows an attacker to alter protected data, including admin account credentials. The vulnerability has been fixed in trestle-auth 0.4.2 released to RubyGems."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "{\"CWE-352\":\"Cross-Site Request Forgery (CSRF)\"}"}]}]}, "references": {"reference_data": [{"name": "https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf", "refsource": "CONFIRM", "url": "https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf"}, {"name": "https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc", "refsource": "MISC", "url": "https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc"}, {"name": "https://rubygems.org/gems/trestle-auth", "refsource": "MISC", "url": "https://rubygems.org/gems/trestle-auth"}]}, "source": {"advisory": "GHSA-h8hx-2c5r-32cf", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:02:51.930Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://rubygems.org/gems/trestle-auth"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-29435", "datePublished": "2021-04-13T17:00:21", "dateReserved": "2021-03-30T00:00:00", "dateUpdated": "2024-08-03T22:02:51.930Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trestle-auth_project:trestle-auth:0.4.0:*:*:*:*:ruby:*:*", "matchCriteriaId": "03D0B300-CDE9-4E0D-BFD2-E9EDD5C533B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:trestle-auth_project:trestle-auth:0.4.1:*:*:*:*:ruby:*:*", "matchCriteriaId": "0991DB53-B830-45AF-AAA2-320C578924F6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "trestle-auth is an authentication plugin for the Trestle admin framework. A vulnerability in trestle-auth versions 0.4.0 and 0.4.1 allows an attacker to create a form that will bypass Rails' built-in CSRF protection when submitted by a victim with a trestle-auth admin session. This potentially allows an attacker to alter protected data, including admin account credentials. The vulnerability has been fixed in trestle-auth 0.4.2 released to RubyGems."}, {"lang": "es", "value": "trestle-auth es un plugin de autenticaci\u00f3n para el framework de administraci\u00f3n de Trestle. Una vulnerabilidad en trestle-auth versiones 0.4.0 y 0.4.1, permite a un atacante crear un formulario que omitir\u00e1 la protecci\u00f3n CSRF incorporada de Rails cuando lo env\u00ede una v\u00edctima con una sesi\u00f3n de administraci\u00f3n de trestle-auth. Esto potencialmente permite a un atacante alterar los datos protegidos, incluyendo las credenciales de la cuenta de administrador. La vulnerabilidad ha sido corregida en trestle-auth versi\u00f3n 0.4.2, publicada en RubyGems"}], "id": "CVE-2021-29435", "lastModified": "2021-04-19T15:19:49.717", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2021-04-13T20:15:21.907", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/TrestleAdmin/trestle-auth/commit/cb95b05cdb2609052207af07b4b8dfe3a23c11dc"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/TrestleAdmin/trestle-auth/security/advisories/GHSA-h8hx-2c5r-32cf"}, {"source": "security-advisories@github.com", "tags": ["Product", "Third Party Advisory"], "url": "https://rubygems.org/gems/trestle-auth"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "security-advisories@github.com", "type": "Primary"}]}