Vulnerability Description
Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request, as demonstrated by certain "[nil]" values, a related issue to CVE-2012-2660, CVE-2012-2694, and CVE-2013-0155.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rubyonrails | Rails | 4.2.0 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2016-1855.html
- http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-Release Notes
- http://www.openwall.com/lists/oss-security/2016/08/11/4Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/92434
- https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA
- http://rhn.redhat.com/errata/RHSA-2016-1855.html
- http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-Release Notes
- http://www.openwall.com/lists/oss-security/2016/08/11/4Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/92434
- https://groups.google.com/forum/#%21topic/ruby-security-ann/WccgKSKiPZA
FAQ
What is CVE-2016-6317?
CVE-2016-6317 is a vulnerability with a CVSS score of 7.5 (HIGH). Action Record in Ruby on Rails 4.2.x before 4.2.7.1 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote at...
How severe is CVE-2016-6317?
CVE-2016-6317 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6317?
Check the references section above for vendor advisories and patch information. Affected products include: Rubyonrails Rails.