All the vulnerabilites related to pivotal - spring_security_oauth
Vulnerability from fkie_nvd
Published
2017-05-25 17:29
Modified
2024-11-21 02:53
Severity ?
Summary
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pivotal | spring_security_oauth | 1.0.0 | |
| pivotal | spring_security_oauth | 1.0.1 | |
| pivotal | spring_security_oauth | 1.0.2 | |
| pivotal | spring_security_oauth | 1.0.3 | |
| pivotal | spring_security_oauth | 1.0.4 | |
| pivotal | spring_security_oauth | 1.0.5 | |
| pivotal | spring_security_oauth | 2.0.0 | |
| pivotal | spring_security_oauth | 2.0.1 | |
| pivotal | spring_security_oauth | 2.0.2 | |
| pivotal | spring_security_oauth | 2.0.3 | |
| pivotal | spring_security_oauth | 2.0.4 | |
| pivotal | spring_security_oauth | 2.0.5 | |
| pivotal | spring_security_oauth | 2.0.6 | |
| pivotal | spring_security_oauth | 2.0.7 | |
| pivotal | spring_security_oauth | 2.0.8 | |
| pivotal | spring_security_oauth | 2.0.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "684631F6-F8D4-48B7-98F2-BDA9C39083C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3701D619-31DF-4731-834C-6155BC7E5107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "53930533-8F2C-4935-B4D2-F1A878960A2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C32C17C5-899E-4BB4-8D58-113F1D09DAE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C5F1F3A6-5484-496F-8EAA-B7A057D6DB3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5198701E-7773-431C-91BC-7851EC29FCF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF512340-8A4B-4490-AA61-D75C5887BFEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC58F72-A9EF-4E98-98B1-4A1F002CF219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "90038376-4DE6-45AD-AE66-15A303968A52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA9D0E0-4CE5-4F2D-8CF4-C56AEDB6B93B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47E67BE8-5FCB-4AE8-AF43-3D54DB4B1101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "550C588E-D34C-4875-9C19-3D83699E672D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B7396259-1CDD-4EC4-B80C-C390E369E5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6BB413-E1F7-4B8F-8BD0-A1D4C2A8A77C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6CAAB3A1-EF4D-4FB2-AEBB-758895FD0B48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7698A791-1A65-4D5B-B102-650EE874F48C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type."
},
{
"lang": "es",
"value": "Cuando se procesan las peticiones de autorizaci\u00f3n usando las vistas whitelabel en Spring Security OAuth versiones 2.0.0 hasta 2.0.9 y versiones 1.0.0 hasta 1.0.5, el valor del par\u00e1metro response_type fue ejecutado como Spring SpEL, lo que habilit\u00f3 a un usuario malicioso desencadenar la ejecuci\u00f3n de c\u00f3digo remota por medio del dise\u00f1o del valor para response_type."
}
],
"id": "CVE-2016-4977",
"lastModified": "2024-11-21T02:53:20.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-25T17:29:00.707",
"references": [
{
"source": "security_alert@emc.com",
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/1"
},
{
"source": "security_alert@emc.com",
"url": "https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "security_alert@emc.com",
"url": "https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "security_alert@emc.com",
"url": "https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2%40%3Cannounce.apache.org%3E"
},
{
"source": "security_alert@emc.com",
"url": "https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "https://pivotal.io/security/cve-2016-4977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2%40%3Cannounce.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274%40%3Cdev.fineract.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://pivotal.io/security/cve-2016-4977"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 19:15
Modified
2024-11-21 06:47
Severity ?
Summary
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://tanzu.vmware.com/security/cve-2022-22969 | Vendor Advisory | |
| security@vmware.com | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tanzu.vmware.com/security/cve-2022-22969 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.oracle.com/security-alerts/cpujul2022.html | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| pivotal | spring_security_oauth | * | |
| pivotal | spring_security_oauth | * | |
| oracle | communications_design_studio | 7.4.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A137BE31-252D-4B38-8C9C-E4CA2030FDB1",
"versionEndExcluding": "2.4.2",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pivotal:spring_security_oauth:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB30D32-D606-4F64-9BDE-E78F4C8A2132",
"versionEndExcluding": "2.5.2",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A67AA54B-258D-4D09-9ACB-4085E0B3E585",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\u003cIssue Description\u003e Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only."
},
{
"lang": "es",
"value": "(Descripci\u00f3n del problema) Spring Security OAuth versiones 2.5.x anteriores a 2.5.2 y las versiones m\u00e1s antiguas no soportadas, son susceptibles a un ataque de denegaci\u00f3n de servicio (DoS) por medio de la iniciaci\u00f3n de la petici\u00f3n de autorizaci\u00f3n en una aplicaci\u00f3n cliente OAuth versi\u00f3n 2.0. Un usuario o atacante malicioso puede enviar m\u00faltiples peticiones iniciando la Solicitud de Autorizaci\u00f3n para la Concesi\u00f3n del C\u00f3digo de Autorizaci\u00f3n, lo que presenta el potencial de agotar los recursos del sistema usando una sola sesi\u00f3n. Esta vulnerabilidad s\u00f3lo expone las aplicaciones OAuth versi\u00f3n 2.0 Client"
}
],
"id": "CVE-2022-22969",
"lastModified": "2024-11-21T06:47:42.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T19:15:08.903",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22969"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2016-4977
Vulnerability from cvelistv5
Published
2017-05-25 17:00
Modified
2024-08-06 00:46
Severity ?
EPSS score ?
Summary
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2016-4977 | x_refsource_CONFIRM | |
| https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0%40%3Cdev.fineract.apache.org%3E | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488%40%3Cdev.fineract.apache.org%3E | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/10/16/1 | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2%40%3Cannounce.apache.org%3E | mailing-list, x_refsource_MLIST | |
| https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274%40%3Cdev.fineract.apache.org%3E | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Pivotal | Spring Security OAuth |
Version: 2.0.0 to 2.0.9 Version: 1.0.0 to 1.0.5 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2016-4977"
},
{
"name": "[fineract-dev] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0%40%3Cdev.fineract.apache.org%3E"
},
{
"name": "[fineract-dev] 20191016 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488%40%3Cdev.fineract.apache.org%3E"
},
{
"name": "[oss-security] 20191015 Fwd: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/1"
},
{
"name": "[announce] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2%40%3Cannounce.apache.org%3E"
},
{
"name": "[fineract-dev] 20191021 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274%40%3Cdev.fineract.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spring Security OAuth",
"vendor": "Pivotal",
"versions": [
{
"status": "affected",
"version": "2.0.0 to 2.0.9"
},
{
"status": "affected",
"version": "1.0.0 to 1.0.5"
}
]
}
],
"datePublic": "2016-07-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-21T15:05:27",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2016-4977"
},
{
"name": "[fineract-dev] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0%40%3Cdev.fineract.apache.org%3E"
},
{
"name": "[fineract-dev] 20191016 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488%40%3Cdev.fineract.apache.org%3E"
},
{
"name": "[oss-security] 20191015 Fwd: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/1"
},
{
"name": "[announce] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2%40%3Cannounce.apache.org%3E"
},
{
"name": "[fineract-dev] 20191021 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274%40%3Cdev.fineract.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ID": "CVE-2016-4977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Security OAuth",
"version": {
"version_data": [
{
"version_value": "2.0.0 to 2.0.9"
},
{
"version_value": "1.0.0 to 1.0.5"
}
]
}
}
]
},
"vendor_name": "Pivotal"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2016-4977",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2016-4977"
},
{
"name": "[fineract-dev] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0@%3Cdev.fineract.apache.org%3E"
},
{
"name": "[fineract-dev] 20191016 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488@%3Cdev.fineract.apache.org%3E"
},
{
"name": "[oss-security] 20191015 Fwd: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/10/16/1"
},
{
"name": "[announce] 20191016 [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2@%3Cannounce.apache.org%3E"
},
{
"name": "[fineract-dev] 20191021 Re: [CVE-2016-4977] Apache Fineract remote code execution vulnerabilities fixed in v1.3.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274@%3Cdev.fineract.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2016-4977",
"datePublished": "2017-05-25T17:00:00",
"dateReserved": "2016-05-24T00:00:00",
"dateUpdated": "2024-08-06T00:46:39.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-22969
Vulnerability from cvelistv5
Published
2022-04-21 18:16
Modified
2024-08-03 03:28
Severity ?
EPSS score ?
Summary
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tanzu.vmware.com/security/cve-2022-22969 | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Spring Security OAuth |
Version: <affected versions> Spring Security OAuth 2.5.x prior to 2.5.2 and older unsupported versions |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22969"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spring Security OAuth",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\u003caffected versions\u003e Spring Security OAuth 2.5.x prior to 2.5.2 and older unsupported versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "\u003cIssue Description\u003e Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T16:47:21",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tanzu.vmware.com/security/cve-2022-22969"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Security OAuth",
"version": {
"version_data": [
{
"version_value": "\u003caffected versions\u003e Spring Security OAuth 2.5.x prior to 2.5.2 and older unsupported versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\u003cIssue Description\u003e Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tanzu.vmware.com/security/cve-2022-22969",
"refsource": "MISC",
"url": "https://tanzu.vmware.com/security/cve-2022-22969"
},
{
"name": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22969",
"datePublished": "2022-04-21T18:16:02",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}