CVE-2012-2695
published 2012-06-22CVE-2012-2695: The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.90%
85.1th percentile
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
Affected
36 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| activerecord_project | activerecord | >= 0 < 2.3.15 | 2.3.15 |
| activerecord_project | activerecord | >= 3.0.0 < 3.0.13 | 3.0.13 |
| activerecord_project | activerecord | >= 3.0.0.beta < 3.0.14 | 3.0.14 |
| activerecord_project | activerecord | >= 3.1.0 < 3.1.6 | 3.1.6 |
| activerecord_project | activerecord | >= 3.1.0 < 3.1.5 | 3.1.5 |
| activerecord_project | activerecord | >= 3.2.0 < 3.2.6 | 3.2.6 |
| activerecord_project | activerecord | >= 3.2.0 < 3.2.4 | 3.2.4 |
| debian | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
| rubyonrails | rails | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
ghsa7.5HIGH
osv7.5HIGH
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
activerecord vulnerable to SQL Injection
ghsa·2017-10-24·CVSS 5.0
CVE-2012-2695 [MEDIUM] CWE-89 activerecord vulnerable to SQL Injection
activerecord vulnerable to SQL Injection
The Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
GHSA
Active Record vulnerable to SQL Injection via nested query parameters
ghsa·2017-10-24·CVSS 7.5
CVE-2012-2661 [HIGH] CWE-89 Active Record vulnerable to SQL Injection via nested query parameters
Active Record vulnerable to SQL Injection via nested query parameters
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
OSV
Active Record vulnerable to SQL Injection via nested query parameters
osv·2017-10-24·CVSS 7.5
CVE-2012-2661 [HIGH] Active Record vulnerable to SQL Injection via nested query parameters
Active Record vulnerable to SQL Injection via nested query parameters
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
OSV
activerecord vulnerable to SQL Injection
osv·2017-10-24·CVSS 5.0
CVE-2012-2695 [MEDIUM] activerecord vulnerable to SQL Injection
activerecord vulnerable to SQL Injection
The Active Record component in Ruby on Rails efore 2.3.15, 3.0.x before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
Red Hat
rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
vendor_redhat·2012-06-12·CVSS 5.0
CVE-2012-2695 [MEDIUM] CWE-89 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage improper handling of nested hashes, a related issue to CVE-2012-2661.
Red Hat
rubygem-activerecord: SQL injection when processing nested query paramaters
vendor_redhat·2012-05-31·CVSS 5.0
CVE-2012-2661 [MEDIUM] rubygem-activerecord: SQL injection when processing nested query paramaters
rubygem-activerecord: SQL injection when processing nested query paramaters
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
Debian
CVE-2012-2661: rails - The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3...
vendor_debian·2012·CVSS 5.0
CVE-2012-2661 [MEDIUM] CVE-2012-2661: rails - The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3...
The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and 3.2.x before 3.2.4 does not properly implement the passing of request data to a where method in an ActiveRecord class, which allows remote attackers to conduct certain SQL injection attacks via nested query parameters that leverage unintended recursion, a related issue to CVE-2012-2695.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
bugzilla·2012-06-13·CVSS 5.0
CVE-2012-2695 [MEDIUM] CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661)
Originally, the CVE-2012-2661 identifier has been assigned to the following issue:
A security flaw was found in the way rubygem-activerecord, the ActiveRecord pattern for ORM, performed SQL query generation based on the content of params hash, when nested query paramaters were provided. If a Ruby on Rails application directly passed request params to the 'where' method of an ActiveRecord class, a remote attacker could use this flaw to cause the 'params[:id]' to return a specially-crafted hash, resulting into the WHERE clause of the SQL statement to query an arbitrary table with value of attacker's choice, leading to disclosure of sensitive information. (bug 8273
Bugzilla
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [fedora-all]
bugzilla·2012-06-13·CVSS 5.0
CVE-2012-2695 [MEDIUM] CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [fedora-all]
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission
Bugzilla
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [epel-5]
bugzilla·2012-06-13·CVSS 5.0
CVE-2012-2695 [MEDIUM] CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [epel-5]
CVE-2012-2695 rubygem-activerecord: SQL injection when processing nested query paramaters (a different flaw than CVE-2012-2661) [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.htmlhttp://lists.opensuse.org/opensuse-updates/2012-08/msg00046.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0154.htmlhttps://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplainhttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00014.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-08/msg00016.htmlhttp://lists.opensuse.org/opensuse-updates/2012-08/msg00046.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0154.htmlhttps://groups.google.com/group/rubyonrails-security/msg/aee3413fb038bf56?dmode=source&output=gplain
2012-06-22
Published