RoR Database Configuration File Detected
Description
Ruby on Rails applications store database credentials and connection settings in config/database.yml, which typically includes configurations for production, development, and test environments. This file contains sensitive information such as database hostnames, usernames, passwords, and database names. When this configuration file is accessible via web requests, it exposes critical infrastructure details that should remain confidential.
Remediation
Take the following steps to secure the database configuration file:
1. Restrict web server access: Ensure your web server configuration explicitly denies access to the config/ directory. For Apache, add the following to your .htaccess or virtual host configuration:
   <Directory /path/to/rails/app/config>
       Require all denied
   </Directory>

   (The Require directive is Apache 2.4 syntax.) For Nginx, add:

   location ~ ^/config/ {
       deny all;
       return 404;
   }

   Note that a correctly deployed Rails application serves only its public/ directory; if config/database.yml is reachable over HTTP, the document root is most likely pointing at the application root instead of public/, and that should be corrected as well.

2. Use environment variables: Store sensitive credentials in environment variables instead of committing them to database.yml. Reference them using ERB syntax:

   production:
     adapter: postgresql
     database: myapp_production
     username: <%= ENV['DATABASE_USERNAME'] %>
     password: <%= ENV['DATABASE_PASSWORD'] %>
     host: <%= ENV['DATABASE_HOST'] %>

3. Verify file permissions: Ensure database.yml has restrictive permissions (600 or 640) and is owned by the application user.
4. Rotate credentials: If this file was exposed, immediately rotate all database passwords and review access logs for unauthorized activity.
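The following Ruby script is an added example, not part of this advisory or of Rails itself, that checks steps 2 and 3 of the remediation. It renders a database.yml the way Rails does (ERB first, then YAML), reports any sensitive key whose value is a literal instead of an ERB expression, flags environment variables that are unset at render time (an unset variable silently becomes an empty value), and checks that the file mode is 600 or 640. The two embedded database.yml texts, the DATABASE_* variable names and the helper function names are constructed for the example.

```ruby
require "erb"
require "yaml"
require "tempfile"

# Constructed sample in the recommended form: credentials come from the
# environment at render time and never sit in the file.
SAFE_DATABASE_YML = <<~YAML
  production:
    adapter: postgresql
    database: myapp_production
    username: <%= ENV['DATABASE_USERNAME'] %>
    password: <%= ENV['DATABASE_PASSWORD'] %>
    host: <%= ENV['DATABASE_HOST'] %>
YAML

# Constructed counter-example with literal credentials committed to the file.
UNSAFE_DATABASE_YML = <<~YAML
  production:
    adapter: postgresql
    database: myapp_production
    username: deploy
    password: hunter2
    host: db.internal
YAML

# Keys whose values should come from the environment, as in the advisory's example.
SENSITIVE_KEYS = %w[username password host].freeze

# Render exactly as Rails does: ERB first, then YAML. ENV is read at render time.
def load_database_config(yml_text)
  YAML.safe_load(ERB.new(yml_text).result(binding))
end

# Scan the raw (unrendered) text for sensitive keys holding a literal value
# rather than an ERB expression. Suitable as a pre-commit or CI check.
# Returns an array of { line:, key: } findings.
def hardcoded_credentials(yml_text)
  findings = []
  yml_text.each_line.with_index(1) do |line, lineno|
    m = line.match(/\A\s*(#{SENSITIVE_KEYS.join('|')}):\s*(\S.*?)\s*\z/)
    next unless m
    key, value = m[1], m[2]
    next if value.match?(/\A<%=.*%>\z/) # read from the environment: fine
    findings << { line: lineno, key: key }
  end
  findings
end

# After rendering, report keys whose variable was unset (value nil or empty).
# A missing DATABASE_PASSWORD must fail loudly, not connect with no password.
def unset_credentials(config, env_name = "production")
  config.fetch(env_name).select { |_, v| v.nil? || v.to_s.empty? }.keys
end

# Step 3: owner read/write, group at most read, nothing for others (600 or 640).
def restrictive_permissions?(path)
  (File.stat(path).mode & 0o037).zero?
end

if __FILE__ == $PROGRAM_NAME
  ENV["DATABASE_USERNAME"] = "app"
  ENV["DATABASE_PASSWORD"] = "s3cret"
  ENV["DATABASE_HOST"] = "db.internal"
  config = load_database_config(SAFE_DATABASE_YML)
  puts "unset variables: #{unset_credentials(config).inspect}"
  puts "literal values in unsafe file: #{hardcoded_credentials(UNSAFE_DATABASE_YML).inspect}"
  Tempfile.create("database.yml") do |f|
    File.chmod(0o644, f.path)
    puts "0644 restrictive? #{restrictive_permissions?(f.path)}"
  end
end
```

Run it against a real config with load_database_config(File.read("config/database.yml")) and restrictive_permissions?("config/database.yml"); hardcoded_credentials should run on the committed text before rendering, since after rendering every value is a literal.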