{ "threat_severity" : "Important", "public_date" : "2013-12-03T00:00:00Z", "bugzilla" : { "description" : "rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013- 0155)", "id" : "1036409", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1036409" }, "cvss" : { "cvss_base_score" : "6.4", "cvss_scoring_vector" : "AV:N/AC:L/Au:N/C:P/I:P/A:N", "status" : "verified" }, "cwe" : "CWE-89", "details" : [ "actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155." ], "acknowledgement" : "Red Hat would like to thank Ruby on Rails project for reporting this issue.", "affected_release" : [ { "product_name" : "CloudForms Management Engine 5.x", "release_date" : "2014-05-12T00:00:00Z", "advisory" : "RHSA-2014:0469", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package" : "cfme-0:5.2.3.2-1.el6cf" }, { "product_name" : "CloudForms Management Engine 5.x", "release_date" : "2014-05-12T00:00:00Z", "advisory" : "RHSA-2014:0469", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package" : "postgresql92-postgresql-0:9.2.7-1.1.el6" }, { "product_name" : "CloudForms Management Engine 5.x", "release_date" : "2014-05-12T00:00:00Z", "advisory" : "RHSA-2014:0469", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package" : "prince-0:9.0r2-4.el6cf" }, { "product_name" : "CloudForms Management Engine 5.x", "release_date" : "2014-05-12T00:00:00Z", "advisory" : "RHSA-2014:0469", "cpe" : "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package" : "ruby193-rubygem-actionpack-1:3.2.13-6.el6cf" }, { "product_name" : "OpenStack 3 for RHEL 6", "release_date" : "2014-01-06T00:00:00Z", "advisory" : "RHSA-2014:0008", "cpe" : "cpe:/a:redhat:openstack:3::el6", "package" : "ruby193-rubygem-actionpack-1:3.2.8-5.1.el6" }, { "product_name" : "Red Hat Software Collections for RHEL-6", "release_date" : "2013-12-05T00:00:00Z", "advisory" : "RHSA-2013:1794", "cpe" : "cpe:/a:redhat:rhel_software_collections:1::el6", "package" : "ruby193-rubygem-actionpack-1:3.2.8-5.1.el6" } ], "package_state" : [ { "product_name" : "OpenShift Enterprise 1", "fix_state" : "Will not fix", "package_name" : "ruby193-rubygem-actionpack", "cpe" : "cpe:/a:redhat:openshift:1" }, { "product_name" : "Red Hat OpenStack Platform 4", "fix_state" : "Affected", "package_name" : "ruby193-rubygem-actionpack", "cpe" : "cpe:/a:redhat:openstack:4" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Affected", "package_name" : "ruby193-rubygem-actionpack", "cpe" : "cpe:/a:redhat:satellite:6" }, { "product_name" : "Red Hat Software Collections", "fix_state" : "Not affected", "package_name" : "ror40-rubygem-actionpack", "cpe" : "cpe:/a:redhat:rhel_software_collections:1" }, { "product_name" : "Red Hat Subscription Asset Manager", "fix_state" : "Affected", "package_name" : "ruby193-rubygem-actionpack", "cpe" : "cpe:/a:rhel_sam:1" }, { "product_name" : "Red Hat Subscription Asset Manager", "fix_state" : "Will not fix", "package_name" : "rubygem-actionpack", "cpe" : "cpe:/a:rhel_sam:1" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-6417\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-6417" ], "name" : "CVE-2013-6417", "csaw" : false }