CVE-2013-0233
Published 2013-04-25
Priority: P3 (46, medium)
CVSS 2.0: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 14.13% (96.1th percentile)
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.
Affected
21 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ruby-devise | < ruby-devise 3.4.1-1 (bookworm) | ruby-devise 3.4.1-1 (bookworm) |
| opensuse | opensuse | — | — |
| plataformatec | devise | >= 1.5.0 < 1.5.4 | 1.5.4 |
| plataformatec | devise | >= 2.0.0 < 2.0.5 | 2.0.5 |
| plataformatec | devise | >= 2.1.0 < 2.1.3 | 2.1.3 |
| plataformatec | devise | >= 2.2.0 < 2.2.3 | 2.2.3 |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests submitting XML content-type bodies to password reset endpoints, particularly those targeting the reset_password_token parameter; this is the core exploitation vector for the type confusion.
- Alert on password reset requests where the reset_password_token value is not a standard string/token format (e.g., numeric or structured XML node), indicating attempted type confusion abuse.
- Flag use of the Metasploit module auxiliary/admin/http/rails_devise_pass_reset against Devise-backed Rails applications as active exploitation of CVE-2013-0233.
- Exploitation only affects non-PostgreSQL and non-SQLite3 database backends; PostgreSQL and SQLite3 are not vulnerable due to stricter type handling.
- The Metasploit module targets common Devise URI patterns by default but may need tuning for customized implementations, so detection rules based on default URIs may miss customized deployments.
- Rails 3.2.12 and 3.1.11 patches mitigate exploitation at the framework level; environments running patched Rails versions are protected even if Devise itself is not updated.
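The first two detection notes above can be turned into a request-triage check. The following is an added example written for this page, not code from Devise, Rails or the Metasploit module; it assumes requests arrive as plain hashes with :method, :path, :content_type and :params (as a Rack app would see them), that the default Devise route /users/password is in use, and that a well-formed token matches the TOKEN_RE pattern, which is an assumption rather than Devise's actual token format.

```ruby
# Assumed default Devise password routes; tune for customized deployments,
# since rules keyed on default URIs miss custom ones (see note above).
RESET_PATHS = %w[/users/password /password].freeze
# Assumed shape of a well-formed reset token; not taken from Devise itself.
TOKEN_RE = /\A[A-Za-z0-9_-]{16,}\z/

# Recursively collect every value stored under a reset_password_token key,
# whatever type the body parser (form, JSON, XML) produced for it.
def reset_token_values(params)
  found = []
  walk = lambda do |node|
    case node
    when Hash
      node.each do |k, v|
        found << v if k.to_s == 'reset_password_token'
        walk.call(v)
      end
    when Array
      node.each { |v| walk.call(v) }
    end
  end
  walk.call(params)
  found
end

# Returns the reasons a reset request looks like a type-confusion attempt;
# an empty array means it passed both heuristics.
def reset_request_findings(req)
  return [] unless %w[PUT POST].include?(req[:method])
  return [] unless RESET_PATHS.any? { |p| req[:path].to_s.start_with?(p) }

  findings = []
  findings << 'xml body to password reset endpoint' if req[:content_type].to_s.include?('xml')
  reset_token_values(req[:params]).each do |val|
    if !val.is_a?(String)
      findings << "non-string reset_password_token (#{val.class})"
    elsif val !~ TOKEN_RE
      findings << 'reset_password_token does not match expected token format'
    end
  end
  findings
end

# Constructed sample request (not a real capture): an XML body whose token
# was parsed as an Integer, the shape the detection notes above describe.
SAMPLE_BAD = { method: 'PUT', path: '/users/password', content_type: 'application/xml',
               params: { 'user' => { 'reset_password_token' => 0 } } }
puts reset_request_findings(SAMPLE_BAD).inspect
```

Run the check in a Rack middleware or over parsed access logs; a non-empty findings array is what you alert on.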
CVSS provenance
- nvd: CVSS v2.0 6.8 MEDIUM (AV:N/AC:M/Au:N/C:P/I:P/A:P)
- osv: 6.8 MEDIUM
- vendor_debian: 6.8 MEDIUM
Debian
- Source: vendor_debian, 2013, CVSS 6.8
- CVE-2013-0233 [MEDIUM]: ruby-devise (same description as above)
- Scope: local
- bookworm: resolved (fixed in 3.4.1-1)
- bullseye: resolved (fixed in 3.4.1-1)
GHSA
- Source: ghsa, 2017-10-24
- CVE-2013-0233 [MEDIUM], CWE-704: Devise does not properly perform type conversion when performing database queries
OSV
- Source: osv, 2017-10-24
- CVE-2013-0233 [MEDIUM]: Devise does not properly perform type conversion when performing database queries
OSV
- Source: osv, 2013-04-25, CVSS 6.8
- CVE-2013-0233 [MEDIUM]: CVE-2013-0233: Devise gem 2
No detection rules found.
No writeups or analysis indexed.
References
- http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html
- http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset
- http://www.openwall.com/lists/oss-security/2013/01/29/3
- http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html
- http://www.securityfocus.com/bid/57577
- https://github.com/Snorby/snorby/issues/261