CRITICALCVE-2015-1820CVSS 9.8

CVE-2015-1820: Session Fixation in rest-client

Platform

ruby

Component

rest-client

Fixed in

1.8.0

AI Confidence: highNVDEPSS 3.7%Reviewed: May 2026

View on NVD

Save

CVE-2015-1820 is a critical vulnerability affecting the rest-client Ruby library. This flaw allows remote attackers to conduct session fixation attacks or steal sensitive cookie information by exploiting redirects. Versions of rest-client 1.6.1.a and earlier are vulnerable. A fix is available in version 1.8.0.

Impact and Attack Scenarios

The primary impact of CVE-2015-1820 is the potential for session fixation and cookie theft. An attacker could manipulate redirects within a Ruby application using rest-client to set cookies on the victim's browser. Subsequently, the attacker could then use these cookies to impersonate the victim, gaining unauthorized access to their account. This is particularly concerning in applications that rely heavily on cookies for authentication and session management. The vulnerability's ease of exploitation and the potential for significant data compromise make it a high-priority concern.

Exploitation Context

CVE-2015-1820 was publicly disclosed in 2018. While no active exploitation campaigns have been definitively linked to this specific CVE, the session fixation technique is well-understood and can be easily implemented. The vulnerability's simplicity increases the risk of opportunistic exploitation. No KEV listing is available.

Threat Intelligence

Exploit Status

Proof of ConceptUnknown

CISA KEVNO

Internet ExposureHigh

EPSS

3.72% (88% percentile)

CVSS Vector

Affected Software

Componentrest-client

Vendorosv

Affected rangeFixed in

1.6.1.a1.8.0

Timeline

Published2018-08-13
Modified2024-02-16
EPSS updated2026-04-02

Patched -1238 days after disclosure

Mitigation and Workarounds

The recommended mitigation for CVE-2015-1820 is to immediately upgrade to rest-client version 1.8.0 or later. If upgrading is not immediately feasible, consider implementing stricter cookie security measures, such as setting the HttpOnly and Secure flags on cookies to prevent cross-site scripting (XSS) attacks and man-in-the-middle (MITM) interception. Additionally, carefully review and validate all redirects within your application to ensure they are not susceptible to manipulation. After upgrading, confirm the fix by testing redirect functionality and verifying that cookies are not being improperly set.

How to fix

No official patch available. Check for workarounds or monitor for updates.

CVE Security Newsletter

Vulnerability analysis and critical alerts directly to your inbox.

Frequently asked questions

What is CVE-2015-1820 — Session Fixation in rest-client?

CVE-2015-1820 is a critical vulnerability in rest-client allowing attackers to steal cookies via redirects, potentially leading to session hijacking.

Am I affected by CVE-2015-1820 in rest-client?

Yes, if your Ruby application uses rest-client versions 1.6.1.a or earlier, you are vulnerable. Upgrade to 1.8.0 or later.

How do I fix CVE-2015-1820 in rest-client?

Upgrade to rest-client version 1.8.0 or later. Implement stricter cookie security measures as a temporary workaround.

Is CVE-2015-1820 being actively exploited?

While no confirmed active campaigns are known, the vulnerability's simplicity makes opportunistic exploitation possible.

Where can I find the official rest-client advisory for CVE-2015-1820?

Refer to the CVE details on the NVD website: https://nvd.nist.gov/vuln/detail/CVE-2015-1820