CVE-2019-3797 : This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the

This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. Derived queries using any of the predicates ‘startingWith’, ‘endingWith’ or ‘containing’ could return more results than anticipated when a maliciously crafted query parameter value is supplied. Also, LIKE expressions in manually defined queries could return unexpected results if the parameter values bound did not have escaped reserved characters properly.

Published 2019-05-06 16:29:01

Updated 2020-02-10 21:52:46

Source Dell

View at NVD, CVE.org

Vulnerability category: Sql InjectionInformation leak

Exploit prediction scoring system (EPSS) score for CVE-2019-3797

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 35 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2019-3797

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None
3.5	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N	2.1	1.4	Dell
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2019-3797

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

Assigned by: security_alert@emc.com (Secondary)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-3797

https://pivotal.io/security/cve-2019-3797

CVE-2019-3797: Additional information exposure with Spring Data JPA derived queries | Security | Pivotal
Vendor Advisory

Products affected by CVE-2019-3797

Pivotal Software » Spring Data Java Persistence Api
Versions from including (>=) 2.1.0 and up to, including, (<=) 2.1.5
cpe:2.3:a:pivotal_software:spring_data_java_persistence_api:*:*:*:*:*:*:*:*
Matching versions
Pivotal Software » Spring Data Java Persistence Api
Versions from including (>=) 2.0.0 and up to, including, (<=) 2.0.13
cpe:2.3:a:pivotal_software:spring_data_java_persistence_api:*:*:*:*:*:*:*:*
Matching versions
Pivotal Software » Spring Data Java Persistence Api
Versions from including (>=) 1.11.0 and up to, including, (<=) 1.11.19
cpe:2.3:a:pivotal_software:spring_data_java_persistence_api:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2019-3797

Exploit prediction scoring system (EPSS) score for CVE-2019-3797

CVSS scores for CVE-2019-3797

CWE ids for CVE-2019-3797

References for CVE-2019-3797

Products affected by CVE-2019-3797