CVE-2013-0233
MEDIUM severity · CVSS 6.8 · CWE-399
Summary
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.
Impact & exploitability
Attack vector: Network
Attack complexity: —
Privileges required: —
User interaction: —
Confidentiality impact: —
Integrity impact: —
Availability impact: —
Exploit probability (EPSS): 69%
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://blog.plataformatec.com.br/2013/01/security-announcement-devise-v2-2-3-v2-1-3-v2-0-5-and-v1-5-3-released/ (Advisory)
- http://lists.opensuse.org/opensuse-updates/2013-03/msg00000.html
- http://www.openwall.com/lists/oss-security/2013/01/29/3
- http://www.securityfocus.com/bid/57577
- https://github.com/Snorby/snorby/issues/261
- http://www.metasploit.com/modules/auxiliary/admin/http/rails_devise_pass_reset (Exploit)
- http://www.phenoelit.org/blog/archives/2013/02/05/mysql_madness_and_rails/index.html (Exploit)