Credentials Management Errors
CVE-2013-7134
Summary
Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published