CVE-2013-6417 — Improper Access Control in Project Actionpack

CWE-284 — Improper Access Control CWE-89 — SQL Injection8 documents7 sources

Severity

6.4MEDIUMNVD

EPSS

0.5%

top 33.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Actionpack Project Actionpack Rubyonrails Rails Rubyonrails Ruby ON Rails

Timeline

PublishedDec 7

Latest updateOct 24

Description

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because o…

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages3 packages

▶NVDrubyonrails/rails4.0.1+47

▶NVDrubyonrails/ruby_on_rails3.2.15+4

▶RubyGemsactionpack_project/actionpack3.0.0 — 3.2.16+1

🔴Vulnerability Details

GHSA

actionpack allows bypass of database-query restrictions↗2017-10-24

▶

OSV

actionpack allows bypass of database-query restrictions↗2017-10-24

▶

CVEList

CVE-2013-6417: actionpack/lib/action_dispatch/http/request↗2013-12-07

▶

OSV

CVE-2013-6417: actionpack/lib/action_dispatch/http/request↗2013-12-07

▶

📋Vendor Advisories

Red Hat

rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013- 0155)↗2013-12-03

▶

Debian

CVE-2013-6417: rails - actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 an...↗2013

▶

💬Community

Bugzilla

CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013- 0155)↗2013-12-01

▶