VDB
RHSA-2013%3A0155
RHSA-2013%3A0155
PUBLISHED
CVSS 6.400000095367432 MEDIUM
SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.
Risk Scores
CVSS 2.0
6.400000095367432
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rubygem-actionpack-1:3.0.10-11.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server | rubygem-actionpack-1:3.0.10-11.el6cf.src |
| Red Hat | rubygem-activerecord-1:3.0.10-8.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server | rubygem-activerecord-1:3.0.10-8.el6cf.src |
| Red Hat | rubygem-activerecord-1:3.0.10-8.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server | rubygem-activerecord-1:3.0.10-8.el6cf.src |
| Red Hat | rubygem-activesupport-1:3.0.10-5.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server | rubygem-activesupport-1:3.0.10-5.el6cf.src |
| Red Hat | rubygem-actionpack-1:3.0.10-11.el6cf.src as a component of CloudForms System Engine for RHEL 6 Server | rubygem-actionpack-1:3.0.10-11.el6cf.src |
| Red Hat | rubygem-actionpack-1:3.0.10-11.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server | * |
| Red Hat | rubygem-actionpack-1:3.0.10-11.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server | rubygem-actionpack-1:3.0.10-11.el6cf.noarch |
| Red Hat | rubygem-activerecord-1:3.0.10-8.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server | rubygem-activerecord-1:3.0.10-8.el6cf.noarch |
| Red Hat | rubygem-activesupport-1:3.0.10-5.el6cf.noarch as a component of CloudForms System Engine for RHEL 6 Server | rubygem-activesupport-1:3.0.10-5.el6cf.noarch |
| Red Hat | rubygem-activerecord-1:3.0.10-8.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server | * |
| Red Hat | rubygem-activesupport-1:3.0.10-5.el6cf.noarch as a component of CloudForms Cloud Engine for RHEL 6 Server | * |
| Red Hat | rubygem-activesupport-1:3.0.10-5.el6cf.src as a component of CloudForms Cloud Engine for RHEL 6 Server | rubygem-activesupport-1:3.0.10-5.el6cf.src |
Exploit Intelligence
- Modified ruby script for RCE (github-poc)
- This script is specifically designed to solve the challenge on PentesterLab for the CVE-2013-0156 exploit (github-poc)
- Pseudo shell for CVE-2013-0156. (github-poc)
- Arbitrary deserialization that can be used to trigger SQL injection and even Code execution (github-poc)
- Bootstrapped Rails 3.2.10 to test the remote code exploit CVE-2013-0156 (github-poc)
- crack repo from jnunemaker but with version 0.1.8 and rails CVE-2013-0156 vulnerability fixed (github-poc)
- Inspect all of your heroku apps to see if they are running a vulnerable version of Rails (github-poc)
- Silly Rails App to demonstrate vuln CVE-2013-0156 (github-poc)
- .bundler-audit.yml (github-poc)
- .bundler-audit.yml (github-poc)
…and 22 more exploits
Timeline
- Jan 10, 2013 CVE Published
- Jan 14, 2013 PoC Published
- Apr 25, 2013 PoC Published
- May 27, 2014 PoC Published
- May 14, 2016 PoC Published
- Mar 20, 2020 PoC Published
- Mar 27, 2026 CVE Updated
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Distribution Patch
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
- Apr 29, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2013:0155 advisory
- https://access.redhat.com/security/updates/classification/#critical advisory
- https://access.redhat.com/knowledge/solutions/290903 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=889649 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=892866 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=892870 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0155.json advisory
- https://access.redhat.com/security/cve/CVE-2012-6496 advisory
- https://www.cve.org/CVERecord?id=CVE-2012-6496 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2012-6496 advisory
- http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html advisory
- https://access.redhat.com/security/cve/CVE-2013-0155 advisory
- https://www.cve.org/CVERecord?id=CVE-2013-0155 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2013-0155 advisory
- https://access.redhat.com/security/cve/CVE-2013-0156 advisory
- https://www.cve.org/CVERecord?id=CVE-2013-0156 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2013-0156 advisory