CVE-2022-31690
spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.
Spring Security, las versiones 5.7 anteriores a 5.7.5 y 5.6 anteriores a 5.6.9 y las versiones anteriores no compatibles podrían ser susceptibles a una escalada de privilegios bajo ciertas condiciones. Un usuario malicioso o un atacante puede modificar una solicitud iniciada por el Cliente (a través del navegador) al Servidor de Autorización, lo que puede provocar una escalada de privilegios en la aprobación posterior. Este escenario puede ocurrir si el Servidor de Autorización con OAuth2 Access Token Response que contiene una lista de alcance vacía (según RFC 6749, sección 5.1) en la solicitud posterior al extremo del token para obtener el token de acceso.
A flaw was found in the Spring Security framework. Spring Security could allow a remote attacker to gain elevated privileges on the system. By modifying a request initiated by the Client (via the browser) to the Authorization Server, an attacker can gain elevated privileges on the system.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-05-25 CVE Reserved
- 2022-10-31 CVE Published
- 2024-05-23 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20221215-0010 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tanzu.vmware.com/security/cve-2022-31690 | 2023-08-08 | |
| https://access.redhat.com/security/cve/CVE-2022-31690 | 2023-04-27 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2162200 | 2023-04-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Vmware Search vendor "Vmware" | Spring Security Search vendor "Vmware" for product "Spring Security" | >= 5.6.0 < 5.6.9 Search vendor "Vmware" for product "Spring Security" and version " >= 5.6.0 < 5.6.9" | - |
Affected
| ||||||
| Vmware Search vendor "Vmware" | Spring Security Search vendor "Vmware" for product "Spring Security" | >= 5.7.0 < 5.7.5 Search vendor "Vmware" for product "Spring Security" and version " >= 5.7.0 < 5.7.5" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | vmware_vsphere |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Active Iq Unified Manager Search vendor "Netapp" for product "Active Iq Unified Manager" | - | windows |
Affected
| ||||||