actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155.
Advisories
Source ID Title
Debian DSA Debian DSA DSA-2888-1 ruby-actionpack-3.2 security update
EUVD EUVD EUVD-2017-0324 actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155.
Github GHSA Github GHSA GHSA-wpw7-wxjm-cw8r actionpack allows bypass of database-query restrictions
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2024-08-06T17:39:01.423Z

Reserved: 2013-11-04T00:00:00

Link: CVE-2013-6417

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2013-12-07T00:55:03.773

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-6417

cve-icon Redhat

Severity : Important

Publid Date: 2013-12-03T00:00:00Z

Links: CVE-2013-6417 - Bugzilla

cve-icon OpenCVE Enrichment

No data.