CVE-2013-0333

HIGH

Details

Source: MITRE

Published: 2013-01-30

Updated: 2019-08-08

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:rubyonrails:rails:2.3.0:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.1:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.13:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.14:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:2.3.15:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*

cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*

Tenable Plugins

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 119430 | RHEL 6 : rubygem-activesupport (RHSA-2013:0202) | Nessus | Red Hat Local Security Checks | high |
| 79981 | GLSA-201412-28 : Ruby on Rails: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 74881 | openSUSE Security Update : ruby (openSUSE-SU-2013:0278-1) | Nessus | SuSE Local Security Checks | high |
| 66809 | Mac OS X Multiple Vulnerabilities (Security Update 2013-002) | Nessus | MacOS X Local Security Checks | critical |
| 65578 | Mac OS X Multiple Vulnerabilities (Security Update 2013-001) | Nessus | MacOS X Local Security Checks | high |
| 64542 | Fedora 16 : rubygem-activesupport-3.0.10-6.fc16 (2013-1745) | Nessus | Fedora Local Security Checks | high |
| 64540 | Fedora 17 : rubygem-activesupport-3.0.11-8.fc17 (2013-1710) | Nessus | Fedora Local Security Checks | high |
| 64476 | Mac OS X : OS X Server < 2.2.1 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | high |
| 64364 | Debian DSA-2613-1 : rails - insufficient input validation | Nessus | Debian Local Security Checks | high |
| 64281 | RHEL 6 : rubygem-activesupport in Subscription Asset Manager (RHSA-2013:0201) | Nessus | Red Hat Local Security Checks | high |