RUBY:PGHERO-2020-16253

CSRF Vulnerability with Non-Session Based Authentication

Published: 2020-08-03 21:00:00
Source: RubySec (rubygems advisory database)
Reference: github.com

CVSS2: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)

  Attack Vector: NETWORK
  Attack Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: NONE
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL

CVSS3: 8.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H)

  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: REQUIRED
  Scope: UNCHANGED
  Confidentiality Impact: NONE
  Integrity Impact: HIGH
  Availability Impact: HIGH

The PgHero dashboard is vulnerable to CSRF with non-session based authentication methods.

Impact

The PgHero dashboard is vulnerable to cross-site request forgery (CSRF). This affects the Docker
image, Linux packages, and, in specific cases, the Ruby gem. The Ruby gem is vulnerable with
non-session based authentication methods such as HTTP basic authentication; session-based
authentication methods (such as Devise's default authentication) are not affected.

A CSRF attack works by getting an authorized user to visit a malicious website, which then
submits requests to the dashboard on that user's behalf. With basic authentication the browser
attaches the cached Authorization header to such cross-site requests automatically, so the
victim only has to load the attacker's page (hence User Interaction: REQUIRED but Privileges
Required: NONE in the CVSS3 vector). In this instance, the forgeable actions include:

  1. Canceling running queries
  2. Running EXPLAIN on queries (the attacker does not see the results, but this can be used for
     denial of service and other attacks)
  3. Resetting query stats (running pg_stat_statements_reset())
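The following is an added example, not PgHero's own code or its actual patch: a minimal Rack-style handler that reproduces the attack above (the browser supplies the cached basic-auth header, the attacker's page supplies the POST) and then applies the standard synchronizer-token check, the same class of check Rails' protect_from_forgery performs, plus an Origin check. The route names, credentials, dashboard origin and the per-user HMAC token scheme are all assumptions made for the example.

```ruby
# Added example (not PgHero's code): why a dashboard gated only by HTTP basic auth
# is CSRF-able, and how an anti-forgery token plus an Origin check stops it.
require "base64"
require "openssl"

DASHBOARD_ORIGIN = "https://pghero.example.internal" # assumed deployment origin
ADMIN_USER = "admin"                                 # constructed credentials
ADMIN_PASS = "s3cret"
SERVER_SECRET = OpenSSL::Random.random_bytes(32)     # per-boot secret, never sent to clients

# Constant-time byte comparison so neither auth nor token checks leak via timing.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Returns the authenticated user name from an Authorization: Basic header, or nil.
def basic_auth_user(env)
  scheme, encoded = env["HTTP_AUTHORIZATION"].to_s.split(" ", 2)
  return nil unless scheme == "Basic" && encoded
  user, pass = Base64.decode64(encoded).split(":", 2)
  secure_compare(user.to_s, ADMIN_USER) && secure_compare(pass.to_s, ADMIN_PASS) ? user : nil
end

# Anti-forgery token bound to the authenticated user. The dashboard embeds it in its own
# forms; an attacker's page can neither read it (same-origin policy) nor forge it
# (that needs SERVER_SECRET). Assumed scheme; Rails stores its token in the session instead.
def csrf_token_for(user)
  OpenSSL::HMAC.hexdigest("SHA256", SERVER_SECRET, "csrf:#{user}")
end

# The state-changing actions named in the advisory, as stand-in pure functions
# (hypothetical paths, not necessarily PgHero's real routes).
ACTIONS = {
  "/kill"              => ->(p) { "cancelled query pid=#{p['pid']}" },
  "/explain"           => ->(p) { "ran EXPLAIN on #{p['query'].inspect}" },
  "/reset_query_stats" => ->(_) { "ran pg_stat_statements_reset()" },
}.freeze

# Vulnerable: authentication is the only gate, and the browser supplies it automatically.
def handle_vulnerable(env)
  return [401, "auth required"] unless basic_auth_user(env)
  action = ACTIONS[env["PATH_INFO"]] or return [404, "not found"]
  [200, action.call(env["params"])]
end

# Hardened: non-GET requests must also come from the dashboard's own origin and carry
# the user's token.
def handle_hardened(env)
  user = basic_auth_user(env) or return [401, "auth required"]
  if env["REQUEST_METHOD"] != "GET"
    return [403, "bad origin"] unless env["HTTP_ORIGIN"] == DASHBOARD_ORIGIN
    token = env["params"]["authenticity_token"].to_s
    return [403, "invalid authenticity token"] unless secure_compare(token, csrf_token_for(user))
  end
  action = ACTIONS[env["PATH_INFO"]] or return [404, "not found"]
  [200, action.call(env["params"])]
end

# What the victim's browser sends when the attacker's page auto-submits a form to the
# dashboard: the cached Authorization header rides along, Origin is the attacker's site,
# and no token is present. (Constructed request, not a capture.)
def forged_request(path, params)
  {
    "REQUEST_METHOD"     => "POST",
    "PATH_INFO"          => path,
    "HTTP_AUTHORIZATION" => "Basic " + Base64.strict_encode64("#{ADMIN_USER}:#{ADMIN_PASS}"),
    "HTTP_ORIGIN"        => "https://attacker.example",
    "params"             => params,
  }
end

# The same action submitted from one of the dashboard's own forms.
def legitimate_request(path, params)
  forged_request(path, params).merge(
    "HTTP_ORIGIN" => DASHBOARD_ORIGIN,
    "params"      => params.merge("authenticity_token" => csrf_token_for(ADMIN_USER)),
  )
end

if __FILE__ == $0
  forged = forged_request("/reset_query_stats", {})
  puts "vulnerable, forged POST:      #{handle_vulnerable(forged).inspect}"
  puts "hardened, forged POST:        #{handle_hardened(forged).inspect}"
  puts "hardened, dashboard's own form: #{handle_hardened(legitimate_request('/kill', 'pid' => '42')).inspect}"
end
```

Note that the Origin check alone is not sufficient (some clients omit the header, and a deployment behind a proxy that rewrites it would break), which is why the token remains the primary control; the Origin check is defence in depth.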

Affected configurations

Vendor   Product   Affected range   CPE
ruby     pghero    < 2.7.0          cpe:2.3:a:ruby:pghero:*:*:*:*:*:*:*:*
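An added check for the gem case, not part of the advisory: read the pghero version pinned in a Gemfile.lock and compare it against the patched release using RubyGems' own version comparison. The lockfile below is constructed for the example; the check says nothing about the Docker image or Linux packages, which the advisory lists as affected separately.

```ruby
# Added example (not from the advisory): flag a Gemfile.lock that pins pghero below 2.7.0.
require "rubygems"

PATCHED_PGHERO = Gem::Requirement.new(">= 2.7.0")

# Constructed lockfile excerpt in Bundler's layout: gems at 4 spaces, their deps at 6.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      activerecord (6.0.3.2)
      pghero (2.6.0)
        activerecord (>= 5)
      rails (6.0.3.2)
LOCK

# Returns the locked version of gem_name as a Gem::Version, or nil if it is not in the lockfile.
# Only 4-space-indented spec lines are considered, so a dependency entry such as
# "      pghero (>= 2)" under another gem is not mistaken for the pinned version.
def locked_version(lockfile, gem_name)
  m = lockfile.match(/^ {4}#{Regexp.escape(gem_name)} \(([^)\s]+)\)/)
  m && Gem::Version.new(m[1])
end

# True when pghero is present and older than the patched release.
def pghero_vulnerable?(lockfile)
  v = locked_version(lockfile, "pghero")
  !v.nil? && !PATCHED_PGHERO.satisfied_by?(v)
end

if __FILE__ == $0
  path = ARGV[0]
  lock = path ? File.read(path) : SAMPLE_LOCKFILE
  v = locked_version(lock, "pghero")
  puts v ? "pghero #{v}: #{pghero_vulnerable?(lock) ? 'VULNERABLE (< 2.7.0)' : 'patched'}" : "pghero not locked"
end
```

Run it with a real lockfile path as the first argument to check a project; with no argument it evaluates the constructed sample.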
