PT-2014-3264 · Illumina · Basespace Ruby Sdk
Larry W. Cashdollar
Published: 2014-04-29 · Updated: 2017-10-24
CVE-2013-7111
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
BaseSpace Ruby SDK (aka bio-basespace-sdk) gem version 0.1.7
Description
The issue concerns the put_call function in the API client, specifically in the api/api_client.rb file. This function uses the API_KEY on the command line, allowing remote attackers to obtain sensitive information by listing the processes.
Recommendations
For BaseSpace Ruby SDK (aka bio-basespace-sdk) gem version 0.1.7, consider restricting access to the api/api_client.rb file or the put_call function to minimize the risk of exploitation. As a temporary workaround, avoid using the API_KEY on the command line until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Information Disclosure
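The exposure described above and two ways to avoid it, as an added example that is not code from the gem or from this advisory. The header name, URL, key and every function name are assumptions made for illustration.

```ruby
require 'net/http'
require 'uri'

# Constructed sample values: not a real credential, endpoint or header name.
SAMPLE_KEY  = 'constructed-sample-key-0000'
SAMPLE_URL  = 'https://api.example.invalid/files/1'
AUTH_HEADER = 'x-access-token' # assumed header name, for illustration only

# Pattern the advisory describes: the key is interpolated into a child
# process's arguments, so it shows up in `ps` and /proc/<pid>/cmdline.
def leaky_put_argv(url, api_key, body_path)
  ['curl', '-X', 'PUT', '-H', "#{AUTH_HEADER}: #{api_key}", '-T', body_path, url]
end

# Hardened form 1: build the PUT in-process, so no argv ever carries the key.
def in_process_put(url, api_key, body)
  uri = URI(url)
  req = Net::HTTP::Put.new(uri)
  req[AUTH_HEADER] = api_key
  req.body = body
  [uri, req]
end

# Sends a request built by in_process_put (not called by the checks below).
def send_put(uri, req)
  Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
    http.request(req)
  end
end

# Hardened form 2: if curl must be spawned, feed the header through a config
# read from stdin (`--config -`) so argv holds only non-secret values.
def curl_put_via_stdin(url, api_key, body_path)
  escaped = api_key.gsub(/["\\]/) { |c| "\\#{c}" } # curl config quoting
  argv = ['curl', '--config', '-', '-X', 'PUT', '-T', body_path, url]
  [argv, %(header = "#{AUTH_HEADER}: #{escaped}"\n)]
end

# Review/CI check: does any argument of a planned command carry the secret?
def argv_leaks_secret?(argv, secret)
  argv.any? { |arg| arg.include?(secret) }
end
```

The pair returned by curl_put_via_stdin can be run with Open3.capture3(*argv, stdin_data: config), which delivers the header over a pipe instead of the process arguments.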
Weakness Enumeration
Related identifiers
Affected products
Basespace Ruby Sdk