Vulnerability Details : CVE-2021-27582
org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment (aka Autobinding) vulnerability. It arises from unsafe use of the Spring MVC @ModelAttribute annotation during the OAuth authorization flow: attacker-controlled HTTP request parameters are data-bound onto the authorizationRequest object, so properties of an already-validated authorization request can be overwritten.
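The pattern behind the advisory, as an added illustration that is not code from MITREid Connect or from its fix commit: a cut-down consent controller that binds request parameters onto the session-scoped authorization request via @ModelAttribute, beside a hardened form that reads the object without binding. The AuthorizationRequest bean, the controller class names, the `auth_request` model key and the example parameter names (`redirectUri`, `approved`) are assumptions made for the example; the hardened variant is one way to close the hole and is not necessarily what the project's patch does.

```java
// Added example, not code from MITREid Connect. The AuthorizationRequest below is a
// hypothetical stand-in for the real Spring Security OAuth AuthorizationRequest bean.
package example.web;

import java.security.Principal;
import java.util.Map;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;

/** Hypothetical stand-in: the request the authorization endpoint already validated. */
class AuthorizationRequest {
    private String clientId;
    private String redirectUri;   // validated against the client's registered URIs upstream
    private boolean approved;

    public String getClientId() { return clientId; }
    public void setClientId(String clientId) { this.clientId = clientId; }
    public String getRedirectUri() { return redirectUri; }
    public void setRedirectUri(String redirectUri) { this.redirectUri = redirectUri; }
    public boolean isApproved() { return approved; }
    public void setApproved(boolean approved) { this.approved = approved; }
}

/** VULNERABLE pattern (mirrors the advisory text, not the project's exact code). */
@Controller
@SessionAttributes("authorizationRequest")
class VulnerableConfirmationController {
    // Spring resolves a @ModelAttribute parameter by first taking the existing
    // model/session attribute of that name (placed there by the authorization
    // endpoint before it forwards to this view) and then data-binding every
    // request parameter whose name matches a bean property onto that SAME
    // instance. Because the instance is session-scoped, a request such as
    //   /oauth/authorize?...&redirectUri=https://attacker.example/cb
    // (the bean property "redirectUri", not the validated "redirect_uri"
    // parameter) overwrites the already-validated value, and "approved=true"
    // would be bound the same way. Parameter names are illustrative.
    @RequestMapping("/oauth/confirm_access")
    public String confirmAccess(Map<String, Object> model,
                                @ModelAttribute("authorizationRequest") AuthorizationRequest authRequest,
                                Principal p) {
        model.put("auth_request", authRequest);
        return "approve";
    }
}

/** Hardened form: the pending request is read from the model, never bound. */
@Controller
@SessionAttributes("authorizationRequest")
class HardenedConfirmationController {
    // Defence in depth: refuse to bind any request parameter onto this model
    // attribute even if a bindable @ModelAttribute parameter is re-added later.
    // Caveat: an EMPTY allow-list (setAllowedFields() with no patterns) means
    // "allow everything" in Spring's DataBinder, so a wildcard deny-list is used.
    @InitBinder("authorizationRequest")
    public void forbidBinding(WebDataBinder binder) {
        binder.setDisallowedFields("*");
    }

    // binding = false (Spring 4.3+) returns the existing attribute without
    // applying request parameters to it.
    @RequestMapping("/oauth/confirm_access")
    public String confirmAccess(Map<String, Object> model,
                                @ModelAttribute(name = "authorizationRequest", binding = false)
                                AuthorizationRequest authRequest,
                                Principal p) {
        model.put("auth_request", authRequest);
        return "approve";
    }
}
```

To check a Spring application for the same class of bug, grep for `@ModelAttribute` parameters whose type is also listed in `@SessionAttributes` or is a security-relevant domain object, and confirm that each is either declared with `binding = false` or covered by an `@InitBinder` that restricts bindable fields.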
Products affected by CVE-2021-27582
- cpe:2.3:a:mitreid:connect:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-27582
- EPSS score: 0.62% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~67% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2021-27582
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
---|---|---|---|---|---
6.4 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N | 10.0 | 4.9 | NIST
9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 | NIST
CWE ids for CVE-2021-27582
- The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype. (Assigned by: nvd@nist.gov, Primary.) Note that this wording describes prototype-attribute modification, the JavaScript-oriented sibling of the mass-assignment (autobinding) weakness the description above actually reports for this Java code base.
References for CVE-2021-27582
- http://agrrrdog.blogspot.com/2017/03/autobinding-vulns-and-spring-mvc.html
  GreenDog's blog: Autobinding vulns and Spring MVC (Exploit; Third Party Advisory)
- https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/commit/7eba3c12fed82388f917e8dd9b73e86e3a311e4c
  Fix Spring Autobinding vulnerability, mitreid-connect/OpenID-Connect-Java-Spring-Server@7eba3c1 on GitHub (Patch; Third Party Advisory)
- https://portswigger.net/research/hidden-oauth-attack-vectors
  Hidden OAuth attack vectors, PortSwigger Research (Exploit; Third Party Advisory)