GSD-2014-3514
Vulnerability from gsd - Updated: 2014-08-18 00:00Details
The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to create_with could allow attackers to set arbitrary attributes on models.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2014-3514",
"description": "activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls.",
"id": "GSD-2014-3514",
"references": [
"https://www.suse.com/security/cve/CVE-2014-3514.html",
"https://access.redhat.com/errata/RHSA-2014:1102"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "activerecord",
"purl": "pkg:gem/activerecord"
}
}
],
"aliases": [
"CVE-2014-3514"
],
"details": "The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to create_with could allow attackers to set arbitrary attributes on models.",
"id": "GSD-2014-3514",
"modified": "2014-08-18T00:00:00.000Z",
"published": "2014-08-18T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 8.7,
"type": "CVSS_V2"
}
],
"summary": "Data Injection Vulnerability in Active Record"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[rubyonrails-security] 20140818 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
},
{
"name": "60347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60347"
},
{
"name": "[oss-security] 20140814 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/08/18/10"
},
{
"name": "RHSA-2014:1102",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1102.html"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2014-3514",
"cvss_v2": 8.7,
"date": "2014-08-18",
"description": "The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to create_with could allow attackers to set arbitrary attributes on models.",
"framework": "rails",
"gem": "activerecord",
"patched_versions": [
"~\u003e 4.0.9",
"\u003e= 4.1.5"
],
"title": "Data Injection Vulnerability in Active Record",
"unaffected_versions": [
"\u003c 4.0.0"
],
"url": "https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e4.0.0 \u003c4.0.9||\u003e4.1.0 \u003c4.1.5",
"affected_versions": "All versions after 4.0.0 before 4.0.9, all versions after 4.1.0 before 4.1.5",
"credit": "Reported by Stephen Touset of Square.\r\nJeff Jarmoc of Matasano and Charlie Somerville of GitHub for helping verify the patches and advisories.",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cwe_ids": [
"CWE-1035",
"CWE-264",
"CWE-937"
],
"date": "2019-08-08",
"description": "The `create_with` functionality in Active Record was implemented incorrectly and completely bypasses the strong parameter protection.",
"fixed_versions": [
"4.0.9",
"4.1.5"
],
"identifier": "CVE-2014-3514",
"identifiers": [
"CVE-2014-3514"
],
"not_impacted": "Versions earlier than 4.0.0, and greater than or equal to 4.0.9 and 4.1.5",
"package_slug": "gem/activerecord",
"pubdate": "2014-08-20",
"solution": "Upgrade to latest.",
"title": "Strong Parameter bypass with create_with",
"urls": [
"https://groups.google.com/forum/#!topic/ruby-security-ann/M4chq5Sb540"
],
"uuid": "761f2ce1-8e66-4956-908b-27e63d79c9c6"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.6:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3514"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140814 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with",
"refsource": "MLIST",
"tags": [],
"url": "http://openwall.com/lists/oss-security/2014/08/18/10"
},
{
"name": "[rubyonrails-security] 20140818 [Ruby on Rails] [CVE-2014-3514] Strong Parameter bypass with create_with",
"refsource": "MLIST",
"tags": [],
"url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ"
},
{
"name": "RHSA-2014:1102",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1102.html"
},
{
"name": "60347",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/60347"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2019-08-08T15:43Z",
"publishedDate": "2014-08-20T11:17Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…