Description

Ruby on Rails applications store database configuration information in a file named config/database.yml. By default it contains three configurations: production, development, and test. The information stored in this file is highly sensitive and should not be found in a production system.

Remediation

Restrict access to this file or remove it from the system.

References

Related Vulnerabilities