PT-2013-6040 · Ruby+1 · Ruby On Rails+1

Ankit Gupta

Published

2013-12-07

Updated

2019-08-08

CVE-2013-6417

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Ruby on Rails versions prior to 3.2.16 Ruby on Rails versions 4.x prior to 4.0.2

Description The issue arises from improper consideration of differences in parameter handling between the Active Record component and the JSON implementation in actionpack/lib/action dispatch/http/request.rb. This allows remote attackers to bypass intended database-query restrictions, perform NULL checks, or trigger missing WHERE clauses via a crafted request. The request can leverage third-party Rack middleware or custom Rack middleware to exploit this issue.

Recommendations For Ruby on Rails versions prior to 3.2.16, update to version 3.2.16 or later. For Ruby on Rails versions 4.x prior to 4.0.2, update to version 4.0.2 or later. As a temporary workaround, consider restricting access to custom Rack middleware and third-party Rack middleware until a patch is applied.

Exploit

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-284

Related Identifiers

CVE-2013-6417

DSA-2888-1

GHSA-WPW7-WXJM-CW8R

RHSA-2013:1794

RHSA-2014:0008

RHSA-2014:0469

Affected Products

Ruby On Rails

Suse

PT-2013-6040 · Ruby+1 · Ruby On Rails+1

CVE-2013-6417

Weakness Enumeration

Related Identifiers

Affected Products

References · 21