CVE-2014-0130
Ruby on Rails Directory Traversal Vulnerability
- Public Exploits: 1
- Exploited in Wild: Yes
- Decision: Act
Descriptions
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain wildcard (globbing) route-matching configurations are enabled, allows remote attackers to read arbitrary files via a crafted request.
A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request.
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The SSH utility script created a world-writable file in /tmp/ using a predictable name, and then executed it as root. A local attacker could use this flaw to execute arbitrary commands as the root user. A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request.
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request.
CVSS Scores
SSVC
- Decision: Act
Timeline
- 2013-12-03 CVE Reserved
- 2014-05-07 CVE Published
- 2022-03-25 Exploited in Wild
- 2022-04-15 KEV Due Date
- 2024-08-12 First Exploit
- 2025-02-07 CVE Updated
- 2025-03-30 EPSS Updated
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://matasano.com/research/AnatomyOfRailsVuln-CVE-2014-0130.pdf | Technical Description | |
http://www.securityfocus.com/bid/67244 | Third Party Advisory | |
https://groups.google.com/forum/message/raw?msg=rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ | Mailing List | |

URL | Date | SRC |
---|---|---|
https://github.com/omarkurt/cve-2014-0130 | 2024-08-12 | |

URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2014-1863.html | 2023-02-13 | |
https://access.redhat.com/security/cve/CVE-2014-0130 | 2014-11-17 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1095105 | 2014-11-17 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Redhat | Subscription Asset Manager | <= 1.3.0 | - | Affected |
Rubyonrails | Rails | 3.2.0 | - | Affected |
Rubyonrails | Rails | 3.2.0 | rc1 | Affected |
Rubyonrails | Rails | 3.2.0 | rc2 | Affected |
Rubyonrails | Rails | 3.2.1 | - | Affected |
Rubyonrails | Rails | 3.2.2 | - | Affected |
Rubyonrails | Rails | 3.2.2 | rc1 | Affected |
Rubyonrails | Rails | 3.2.3 | - | Affected |
Rubyonrails | Rails | 3.2.3 | rc1 | Affected |
Rubyonrails | Rails | 3.2.3 | rc2 | Affected |
Rubyonrails | Rails | 3.2.4 | - | Affected |
Rubyonrails | Rails | 3.2.4 | rc1 | Affected |
Rubyonrails | Rails | 3.2.5 | - | Affected |
Rubyonrails | Rails | 3.2.6 | - | Affected |
Rubyonrails | Rails | 3.2.7 | - | Affected |
Rubyonrails | Rails | 3.2.8 | - | Affected |
Rubyonrails | Rails | 3.2.9 | - | Affected |
Rubyonrails | Rails | 3.2.10 | - | Affected |
Rubyonrails | Rails | 3.2.11 | - | Affected |
Rubyonrails | Rails | 3.2.12 | - | Affected |
Rubyonrails | Rails | 3.2.13 | rc1 | Affected |
Rubyonrails | Rails | 3.2.13 | rc2 | Affected |
Rubyonrails | Rails | 3.2.15 | rc3 | Affected |
Rubyonrails | Rails | 3.2.16 | - | Affected |
Rubyonrails | Rails | 4.0.0 | - | Affected |
Rubyonrails | Rails | 4.0.0 | beta | Affected |
Rubyonrails | Rails | 4.0.0 | rc1 | Affected |
Rubyonrails | Rails | 4.0.0 | rc2 | Affected |
Rubyonrails | Rails | 4.0.1 | - | Affected |
Rubyonrails | Rails | 4.0.1 | rc1 | Affected |
Rubyonrails | Rails | 4.0.1 | rc2 | Affected |
Rubyonrails | Rails | 4.0.1 | rc3 | Affected |
Rubyonrails | Rails | 4.0.1 | rc4 | Affected |
Rubyonrails | Rails | 4.0.2 | - | Affected |
Rubyonrails | Rails | 4.0.3 | - | Affected |
Rubyonrails | Rails | 4.0.4 | - | Affected |
Rubyonrails | Rails | 4.1.0 | - | Safe |
Rubyonrails | Rails | 4.1.0 | beta1 | Affected |
Rubyonrails | Ruby On Rails | <= 3.2.17 | - | Affected |