CVE-2021-41263 is a vulnerability in Discourse Rails Multisite
Published on November 15, 2021

Secure/signed cookies share secrets between sites in rails_multisite
rails_multisite provides multi-db support for Rails applications. In affected versions, this vulnerability impacts any Rails application using `rails_multisite` alongside Rails' signed/encrypted cookies. Depending on how the application makes use of these cookies, it may be possible for an attacker to re-use cookies on different 'sites' within a multi-site Rails application. The issue has been patched in v4 of the `rails_multisite` gem. Note that this upgrade will invalidate all previous signed/encrypted cookies. The impact of this invalidation will vary based on the application architecture.
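The following added example (not code from the gem or from Rails) models the weakness with a simplified HMAC-signed cookie: when every site derives its signing key from the same secret and salt, a cookie issued by one site verifies on another. The secret, the site names `site_a`/`site_b`, and the per-site salt scheme are assumptions made for illustration; the page does not describe how v4 separates the keys.

```ruby
require "openssl"

# Constructed demo values; not real secrets and not the gem's internals.
SECRET_KEY_BASE = "constructed-secret-key-base-for-demo-only"
BASE_SALT = "signed cookie"

# Derive an HMAC key from the application secret and a salt (PBKDF2).
def derive_key(salt)
  OpenSSL::PKCS5.pbkdf2_hmac(SECRET_KEY_BASE, salt, 1000, 32,
                             OpenSSL::Digest.new("SHA256"))
end

# Weak setup: every site derives the same key from the same salt.
def shared_key(_site)
  derive_key(BASE_SALT)
end

# Separated setup (assumption): the site name is mixed into the salt.
def per_site_key(site)
  derive_key("#{BASE_SALT} #{site}")
end

def mac_for(key, data)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), key, data)
end

# Constant-time comparison of two MAC strings.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def sign(value, key)
  data = [value].pack("m0") # strict base64, no newlines
  "#{data}--#{mac_for(key, data)}"
end

# Returns the original value, or nil when the signature does not verify.
def verify(cookie, key)
  data, mac = cookie.to_s.split("--", 2)
  return nil if data.nil? || mac.nil?
  return nil unless secure_equal?(mac, mac_for(key, data))
  data.unpack1("m0")
end

# Is a cookie issued by site_a accepted by site_b under this key scheme?
def accepted_on_other_site?(key_for)
  cookie = sign("user_id=42", key_for.call("site_a"))
  !verify(cookie, key_for.call("site_b")).nil?
end
```

Changing the key derivation is also why such a fix invalidates existing cookies: values signed under the old shared key no longer verify under any per-site key.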


Vulnerability Analysis

CVE-2021-41263 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity, and a high impact on availability.

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: LOW
Availability Impact: HIGH

Weakness Types

What is an Information Disclosure Vulnerability?

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE-2021-41263 has been classified as an Information Disclosure vulnerability or weakness.

Reliance on Cookies without Validation and Integrity Checking

The application relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user. Attackers can easily modify cookies, within the browser or by implementing the client-side code outside of the browser. Reliance on cookies without detailed validation and integrity checking can allow attackers to bypass authentication, conduct injection attacks such as SQL injection and cross-site scripting, or otherwise modify inputs in unexpected ways.


Products Associated with CVE-2021-41263


Affected Versions

discourse rails_multisite Version < 4.0.0 is affected by CVE-2021-41263

Vulnerable Packages

The following package name and versions may be associated with CVE-2021-41263

| Package Manager | Vulnerable Package | Versions | Fixed In |
|---|---|---|---|
| rubygems | rails_multisite | < 4.0.0 | 4.0.0 |

Exploit Probability

EPSS: 0.20%
Percentile: 41.75%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.