fkie_nvd - fkie_cve-2016-6317

fkie_cve-2016-6317

Vulnerability from fkie_nvd

Published

2016-09-07 19:28

Modified

2025-04-12 10:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.

References

URL	Tags
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-1855.html
secalert@redhat.com	http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/	Release Notes
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2016/08/11/4	Mailing List, Third Party Advisory
secalert@redhat.com	http://www.securityfocus.com/bid/92434
secalert@redhat.com	https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1855.html
af854a3a-2127-422b-91ae-364da2661108	http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/	Release Notes
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/08/11/4	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92434
af854a3a-2127-422b-91ae-364da2661108	https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA

Impacted products

Vendor	Product	Version
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.2
rubyonrails	rails	4.2.3
rubyonrails	rails	4.2.3
rubyonrails	rails	4.2.4
rubyonrails	rails	4.2.4
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5.1
rubyonrails	rails	4.2.5.2
rubyonrails	rails	4.2.6
rubyonrails	rails	4.2.6
rubyonrails	rails	4.2.7
rubyonrails	rails	4.2.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A68D41F-36A9-4B77-814D-996F4E48FA79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "709A19A5-8FD1-4F9C-A38C-F06242A94D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "8104482C-E8F5-40A7-8B27-234FEF725FD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "2CFF8677-EA00-4F7E-BFF9-272482206DB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "85435026-9855-4BF4-A436-832628B005FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "56C2308F-A590-47B0-9791-7865D189196F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "9A266882-DABA-4A4C-88E6-60E993EE0947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83F1142C-3BFB-4B72-A033-81E20DB19D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1FA738A1-227B-4665-B65E-666883FFAE96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "10789A2D-6401-4119-BFBE-2EE4C16216D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "70ABD462-7142-4831-8EB6-801EC1D05573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D717DB-7C80-48AA-A774-E291D2E75D6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B357FB-0307-4EFA-9C5B-3C2CDEA48584",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E4BD8840-0F1C-49D3-B843-9CFE64948018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79D5B492-43F9-470F-BD21-6EFD93E78453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F602-D48C-458A-A063-4050BE3BB25F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6A1C015-56AD-489C-B301-68CF1DBF1BEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "FD191625-ACE2-46B6-9AAD-12D682C732C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "02C7DB56-267B-4057-A9BA-36D1E58C6282",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC163D49-691B-4125-A983-6CF6F6D86DEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B537D1-1584-4D15-9C75-08ED4D45DC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A19315C-9A9D-45FE-81C8-074744825B98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B4233-E117-4E77-A60D-3DFD5073154D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "392CF25B-8400-4185-863F-D6353B664FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.7:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "3037282A-863A-4C92-A40C-4D436D2621C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain \"[nil]\" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155."
    },
    {
      "lang": "es",
      "value": "Action Record en Ruby en Rails 4.2.x en versiones anteriores a 4.2.7.1 no considera adecuadamente las diferencias en en el manejo de par\u00e1metros entre el componente Active Record y la implementaci\u00f3n de JSON, lo que permite a atacantes remotos eludir restricciones destinadas a la consulta de base de datos y realizar comprobaciones NULL o desencadenar clausulas perdidas WHERE a trav\u00e9s de un solicitud manipulada, como se demuestra por ciertos valores \"[nil]\", un problema relacionado con CVE-2012-2660, CVE-2012-2694 y CVE-2013-0155."
    }
  ],
  "id": "CVE-2016-6317",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-07T19:28:11.410",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1855.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes"
      ],
      "url": "http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/08/11/4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/92434"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1855.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/08/11/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        },
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2016-6317 (GCVE-0-2016-6317)

Vulnerability from cvelistv5

Published

2016-09-07 19:00