Miggo Logo

CVE-2013-1856: activesupport Improper Input Validation vulnerability

N/A

CVSS Score

Basic Information

EPSS Score
0.72576%
Published
10/24/2017
Updated
11/6/2023
KEV Status
No
Technology
TechnologyRuby

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
activesupportrubygems>= 3.0.0, < 3.1.123.1.12
activesupportrubygems>= 3.2.0, < 3.2.133.2.13

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the JDOM XML parser backend not properly restricting dangerous XML features. The parse method in XmlMini_JDOM would have been responsible for configuring the DocumentBuilder parser. The advisory specifically calls out that the default JVM configuration allowed external entity processing, and the fix involved either switching parsers (to REXML) or properly securing the DocumentBuilder configuration - indicating the vulnerability resided in the XmlMini_JDOM parsing implementation.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** `**tiv*Support::XmlMini_J*OM` ***k*n* in `li*/**tiv*_support/xml_mini/j*om.r*` in t** **tiv* Support *ompon*nt in Ru*y on R*ils *.*.x *n* *.*.x ***or* *.*.** *n* *.*.x ***or* *.*.**, w**n JRu*y is us**, *o*s not prop*rly r*stri*t t** **p**iliti*s

Reasoning

T** vuln*r**ility st*ms *rom t** J*OM XML p*rs*r ***k*n* not prop*rly r*stri*tin* **n**rous XML ***tur*s. T** p*rs* m*t*o* in XmlMini_J*OM woul* **v* ***n r*sponsi*l* *or *on*i*urin* t** *o*um*nt*uil**r p*rs*r. T** **visory sp**i*i**lly **lls out t**