Sensitive Information Exposure in cap-strap gem 0.1.5

Sensitive Information Exposure in cap-strap gem 0.1.5

CVE-2014-4992 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.

Learn more about our User Device Pen Test.