Vulnerability Details : CVE-2019-3778
Spring Security OAuth versions 2.3 prior to 2.3.5, 2.2 prior to 2.2.4, 2.1 prior to 2.1.4, 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner's user-agent to a URI under the control of the attacker, carrying the leaked authorization code.

This vulnerability exposes applications that meet all of the following requirements:
- act in the role of an Authorization Server (e.g. @EnableAuthorizationServer), and
- use the DefaultRedirectResolver in the AuthorizationEndpoint.

This vulnerability does not expose applications that:
- act in the role of an Authorization Server and use a RedirectResolver implementation other than DefaultRedirectResolver,
- act in the role of a Resource Server only (e.g. @EnableResourceServer), or
- act in the role of a Client only (e.g. @EnableOAuthClient).
Vulnerability category: Open redirect
Products affected by CVE-2019-3778
- cpe:2.3:a:oracle:banking_corporate_lending:14.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:banking_corporate_lending:14.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:banking_corporate_lending:14.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:spring_security_oauth:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-3778
- 0.44%: probability of exploitation activity in the next 30 days
- ~75%: percentile, the proportion of vulnerabilities that are scored at or below this value
CVSS scores for CVE-2019-3778
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N | 10.0 | 4.9 | NIST |
6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | 3.9 | 2.5 | NIST |
CWE ids for CVE-2019-3778
- The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. Assigned by:
  - nvd@nist.gov (Primary)
  - security_alert@emc.com (Secondary)
References for CVE-2019-3778
- http://packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html
  Spring Security OAuth 2.3 Open Redirection (Packet Storm). Third Party Advisory; VDB Entry
- http://www.securityfocus.com/bid/107153
  Pivotal Spring Security OAuth CVE-2019-3778 Open Redirection Vulnerability. Third Party Advisory; VDB Entry
- https://www.oracle.com/security-alerts/cpujan2021.html
  Oracle Critical Patch Update Advisory - January 2021. Third Party Advisory
- https://pivotal.io/security/cve-2019-3778
  CVE-2019-3778: Open Redirector in spring-security-oauth2 (Pivotal Security). Vendor Advisory