CVE-2012-2694 — Vulnetix

Try Vulnetix Request Demo

CVE-2012-2694 PUBLISHED

Reported by redhat · Published June 22, 2012

actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks via a crafted request, as demonstrated by certain "['xyz', nil]" values, a related issue to CVE-2012-2660.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a
RubyGems	actionpack	3.2.0, 3.0.13, 3.0.13

Timeline

CVE Published
Feb 7, 2018 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

SUSE-SU-2012:1015 vendor-advisoryx_refsource_SUSE
SUSE-SU-2012:1012 vendor-advisoryx_refsource_SUSE
openSUSE-SU-2012:0978 vendor-advisoryx_refsource_SUSE
SUSE-SU-2012:1014 vendor-advisoryx_refsource_SUSE
openSUSE-SU-2012:1066 vendor-advisoryx_refsource_SUSE
[rubyonrails-security] 20120612 Ruby on Rails Unsafe Query Generation Risk in Ruby on Rails (CVE-2012-2694) mailing-listx_refsource_MLIST
RHSA-2013:0154 vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2012-2694 advisory
https://github.com/advisories/GHSA-q34c-48gc-m9g8 advisory
https://github.com/rails/rails/commit/2f3bc0467311781ac1ceb2c8c2b09002c8fe143a patch
https://github.com/rails/rails/commit/c202638225519b5e1a03ebe523b109c948fb0e52 patch
https://github.com/rails/rails url
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2012-2694.yml advisory
https://groups.google.com/g/rubyonrails-security/c/jILZ34tAHF4/m/7x0hLH-o0-IJ url

Open in Interactive Console →