CVE-2012-6496 : SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x

SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.

Published 2013-01-04 04:46:03

Updated 2019-08-08 15:42:46

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql Injection

Threat overview for CVE-2012-6496

Top countries where our scanners detected CVE-2012-6496

Top open port discovered on systems with this issue 80

IPs affected by CVE-2012-6496 81

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-6496!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-6496

Probability of exploitation activity in the next 30 days: 0.45%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-6496

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2012-6496

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-6496

https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain

Google Groepen
http://rhn.redhat.com/errata/RHSA-2013-0154.html

RHSA-2013:0154 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=889649

889649 – (CVE-2012-5664, CVE-2012-6496) CVE-2012-6496 rubygem-activerecord: find_by_* SQL Injection
Exploit;Patch
http://rhn.redhat.com/errata/RHSA-2013-0155.html

Red Hat Customer Portal

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201401-22.xml

Active Record: SQL injection (GLSA 201401-22) — Gentoo security
http://rhn.redhat.com/errata/RHSA-2013-0220.html

RHSA-2013:0220 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.securityfocus.com/bid/57084

Ruby on Rails Multiple SQL Injection Vulnerabilities

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-0544.html

RHSA-2013:0544 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/

Database Error

CVEs referencing this url

Products affected by CVE-2012-6496