CVE-2014-0130

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-0130
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf Technical Description
http://rhn.redhat.com/errata/RHSA-2014-1863.html Third Party Advisory
http://www.securityfocus.com/bid/67244 Third Party Advisory VDB Entry
https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:subscription_asset_manager:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.13:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.13:rc2:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.15:rc3:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:3.2.16:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.1:-:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.1:rc2:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.1:rc3:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.1:rc4:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*
History

13 Feb 2023, 00:32

Type Values Removed Values Added
Summary A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request. Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
References
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:0510', 'name': 'https://access.redhat.com/errata/RHSA-2014:0510', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:0816', 'name': 'https://access.redhat.com/errata/RHSA-2014:0816', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2014-0130', 'name': 'https://access.redhat.com/security/cve/CVE-2014-0130', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:1863', 'name': 'https://access.redhat.com/errata/RHSA-2014:1863', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1095105', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1095105', 'tags': [], 'refsource': 'MISC'}

02 Feb 2023, 20:16

Type Values Removed Values Added
Summary Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request. A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request.
References
  • (MISC) https://access.redhat.com/errata/RHSA-2014:0510 -
  • (MISC) https://access.redhat.com/errata/RHSA-2014:0816 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2014-0130 -
  • (MISC) https://access.redhat.com/errata/RHSA-2014:1863 -
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1095105 -
Information

Published : 2014-05-07 10:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-0130

Mitre link : CVE-2014-0130

CVE.ORG link : CVE-2014-0130

JSON object : View

Products Affected

rubyonrails

  • ruby_on_rails
  • rails

redhat

  • subscription_asset_manager
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')