Vulnerability Description
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Getbootstrap | Bootstrap-Sass | 3.2.0.3 |
Related Weaknesses (CWE)
References
- http://dgb.github.io/2019/04/05/bootstrap-sass-backdoor.htmlThird Party Advisory
- https://github.com/twbs/bootstrap-sass/issues/1195Issue TrackingThird Party Advisory
- https://snyk.io/blog/malicious-remote-code-execution-backdoor-discovered-in-the-ExploitThird Party Advisory
- https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-174093ExploitThird Party Advisory
- http://dgb.github.io/2019/04/05/bootstrap-sass-backdoor.htmlThird Party Advisory
- https://github.com/twbs/bootstrap-sass/issues/1195Issue TrackingThird Party Advisory
- https://snyk.io/blog/malicious-remote-code-execution-backdoor-discovered-in-the-ExploitThird Party Advisory
- https://snyk.io/vuln/SNYK-RUBY-BOOTSTRAPSASS-174093ExploitThird Party Advisory
FAQ
What is CVE-2019-10842?
CVE-2019-10842 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 a...
How severe is CVE-2019-10842?
CVE-2019-10842 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-10842?
Check the references section above for vendor advisories and patch information. Affected products include: Getbootstrap Bootstrap-Sass.