CVE-2019-11269
Open Redirector in spring-security-oauth2
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the redirect_uri parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code.
Spring Security OAuth versiones 2.3 anteriores a 2.3.6, 2.2 anteriores a 2.2.5, 2.1 anteriores a 2.1.5 y 2.0 anteriores a 2.0.18, así como versiones anteriores no compatibles podrían ser susceptibles a un ataque de redirector abierto que pueda filtrar un código de autorización. Un usuario o atacante malicioso puede crear una solicitud para el punto final de autorización utilizando el tipo de concesión de código de autorización y especificar un URI de redireccionamiento manipulado a través del parámetro redirect_uri. Esto puede hacer que el servidor de autorización redirija el agente de usuario propietario del recurso a un URI bajo el control del atacante con el código de autorización filtrado
Spring Security OAuth versions 2.3 prior to 2.3.6 suffer from open redirection vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-04-18 CVE Reserved
- 2019-06-12 CVE Published
- 2019-06-17 First Exploit
- 2024-09-16 CVE Updated
- 2024-11-02 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html | Third Party Advisory |
|
| https://www.oracle.com/security-alerts/cpujan2021.html | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/47000 | 2019-06-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://pivotal.io/security/cve-2019-11269 | 2021-01-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Pivotal Software Search vendor "Pivotal Software" | Spring Security Oauth Search vendor "Pivotal Software" for product "Spring Security Oauth" | >= 2.0.0 < 2.0.18 Search vendor "Pivotal Software" for product "Spring Security Oauth" and version " >= 2.0.0 < 2.0.18" | - |
Affected
| ||||||
| Pivotal Software Search vendor "Pivotal Software" | Spring Security Oauth Search vendor "Pivotal Software" for product "Spring Security Oauth" | >= 2.1.0 < 2.1.5 Search vendor "Pivotal Software" for product "Spring Security Oauth" and version " >= 2.1.0 < 2.1.5" | - |
Affected
| ||||||
| Pivotal Software Search vendor "Pivotal Software" | Spring Security Oauth Search vendor "Pivotal Software" for product "Spring Security Oauth" | >= 2.2.0 < 2.2.5 Search vendor "Pivotal Software" for product "Spring Security Oauth" and version " >= 2.2.0 < 2.2.5" | - |
Affected
| ||||||
| Pivotal Software Search vendor "Pivotal Software" | Spring Security Oauth Search vendor "Pivotal Software" for product "Spring Security Oauth" | >= 2.3.0 < 2.3.6 Search vendor "Pivotal Software" for product "Spring Security Oauth" and version " >= 2.3.0 < 2.3.6" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Banking Corporate Lending Search vendor "Oracle" for product "Banking Corporate Lending" | 14.1.0 Search vendor "Oracle" for product "Banking Corporate Lending" and version "14.1.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Banking Corporate Lending Search vendor "Oracle" for product "Banking Corporate Lending" | 14.3.0 Search vendor "Oracle" for product "Banking Corporate Lending" and version "14.3.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Banking Corporate Lending Search vendor "Oracle" for product "Banking Corporate Lending" | 14.4.0 Search vendor "Oracle" for product "Banking Corporate Lending" and version "14.4.0" | - |
Affected
| ||||||