Attack: Ruby Rails CVE-2019-5420 Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary Ruby code on the affected system.

Additional Information

Ruby on Rails is a web application framework for multiple platforms. Action Pack is a component in Ruby on Rails for handling and responding to web requests.

Ruby on Rails is prone to a remote code execution vulnerability that affects the 'config/environments/development.rb' script. Specifically, the issue occurs when the application runs in development mode. An attacker can exploit this issue to guess the automatically generated development mode secret token.

An attacker can exploit this issue to execute arbitrary code on the affected system.

Affected

  • Rails in development mode before 5.2.2.1 and before 6.0.0.beta3
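
A triage check for the condition listed above, added here as an example (it is not Symantec's or the Rails project's code): it reads the locked Rails version from Gemfile.lock text and reports whether the application is both on an affected version and in development mode. Assumptions: the helper names and the sample lockfile are constructed, the version bounds are read as "releases before 5.2.2.1, and 6.0.0 pre-releases before beta3", and Rails is taken to fall back to development mode when RAILS_ENV and RACK_ENV are unset.

```ruby
require "rubygems"

# Fixed releases named on this page.
FIXED_RELEASE    = Gem::Version.new("5.2.2.1")
FIXED_PRERELEASE = Gem::Version.new("6.0.0.beta3")

# Constructed sample input: a minimal Gemfile.lock for an affected app.
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      rails (5.2.2)
        actionpack (= 5.2.2)
      rails-html-sanitizer (1.0.4)
LOCK

# Locked rails version from Gemfile.lock text, or nil when rails is absent.
# Resolved specs sit at exactly four spaces; dependency lines are deeper.
def locked_rails_version(lockfile_text)
  m = lockfile_text.match(/^ {4}rails \(([^)\s]+)\)$/)
  m && Gem::Version.new(m[1])
end

# True when the version predates the fix on its release line (assumed reading
# of the page's bounds). Gem::Version orders pre-release tags correctly:
# beta2 < beta3 < rc1 < 6.0.0.
def affected_version?(version)
  six_pre = version.prerelease? && version.release == Gem::Version.new("6.0.0")
  six_pre ? version < FIXED_PRERELEASE : version < FIXED_RELEASE
end

# Assumption: an unset or empty RAILS_ENV/RACK_ENV means development mode.
def development_mode?(env)
  mode = [env["RAILS_ENV"], env["RACK_ENV"]].find { |v| v && !v.empty? }
  (mode || "development") == "development"
end

# Combine both conditions into one verdict for an inventory or CI report.
def triage(lockfile_text, env)
  version = locked_rails_version(lockfile_text)
  return :rails_not_found if version.nil?
  return :not_affected unless affected_version?(version)
  development_mode?(env) ? :exposed : :affected_version_not_dev_mode
end

puts triage(SAMPLE_LOCK, ENV.to_h) if $PROGRAM_NAME == __FILE__
```

A host that reports :exposed and is reachable from untrusted networks is the case this signature is meant to catch; upgrading to a fixed release removes the condition.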