Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-04-29T14:00:00
Updated: 2014-04-29T12:57:00
Reserved: 2013-12-17T00:00:00
Link: CVE-2013-7134
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-04-29T14:38:46.437
Modified: 2014-04-29T18:13:53.343
Link: CVE-2013-7134
JSON object: View
Redhat Information
No data.
CWE