CVE-2020-5397 - Vulnerability Details

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Application Testing Suite Communications Brm - Elastic Charging Engine Communications Diameter Signaling Router Communications Element Manager Communications Policy Management Communications Session Route Manager Enterprise Manager Base Platform Financial Services Regulatory Reporting With Agilereporter Flexcube Private Banking Healthcare Master Person Index Insurance Calculation Engine Insurance Policy Administration J2ee Insurance Rules Palette Mysql Enterprise Monitor Rapid Planning Retail Assortment Planning Retail Back Office Retail Central Office Retail Financial Integration Retail Integration Bus Retail Order Broker Retail Point-of-service Retail Predictive Application Server Retail Returns Management Retail Service Backbone Weblogic Server
Vmware	Spring Framework

Configuration 1 [-]

cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*
	cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:::::::*
	cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::
	cpe:2.3:a:oracle:communications_element_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_element_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:communications_policy_management:12.5.0:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.1.0:::::::*
	cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:::::::*
	cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:::::::*
	cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:::::::*
	cpe:2.3:a:oracle:healthcare_master_person_index:4.0.2:::::::*
	cpe:2.3:a:oracle:insurance_calculation_engine::::::::
	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:::::::*
	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.4:::::::*
	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.0.2:::::::*
	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.1.0:::::::*
	cpe:2.3:a:oracle:insurance_policy_administration_j2ee:11.2.0:::::::*
	cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:::::::*
	cpe:2.3:a:oracle:insurance_rules_palette:10.2.4:::::::*
	cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:::::::*
	cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:::::::*
	cpe:2.3:a:oracle:insurance_rules_palette:11.2.0:::::::*
	cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::
	cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::
	cpe:2.3:a:oracle:rapid_planning:12.1:::::::*
	cpe:2.3:a:oracle:rapid_planning:12.2:::::::*
	cpe:2.3:a:oracle:retail_assortment_planning:15.0:::::::*
	cpe:2.3:a:oracle:retail_assortment_planning:16.0:::::::*
	cpe:2.3:a:oracle:retail_back_office:14.1:::::::*
	cpe:2.3:a:oracle:retail_central_office:14.1:::::::*
	cpe:2.3:a:oracle:retail_financial_integration:15.0:::::::*
	cpe:2.3:a:oracle:retail_financial_integration:16.0:::::::*
	cpe:2.3:a:oracle:retail_integration_bus:15.0.3:::::::*
	cpe:2.3:a:oracle:retail_integration_bus:16.0.3:::::::*
	cpe:2.3:a:oracle:retail_order_broker:15.0:::::::*
	cpe:2.3:a:oracle:retail_order_broker:16.0:::::::*
	cpe:2.3:a:oracle:retail_point-of-service:14.1:::::::*
	cpe:2.3:a:oracle:retail_predictive_application_server:14.0.3:::::::*
	cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3:::::::*
	cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.0:::::::*
	cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.0:::::::*
	cpe:2.3:a:oracle:retail_returns_management:14.1:::::::*
	cpe:2.3:a:oracle:retail_service_backbone:15.0:::::::*
	cpe:2.3:a:oracle:retail_service_backbone:16.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*

No data.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2020-5397
https://pivotal.io/security/cve-2020-5397
https://www.cve.org/CVERecord?id=CVE-2020-5397
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpujul2022.html
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/security-alerts/cpuoct2021.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: pivotal

Published: 2020-01-17T18:50:12.742951Z

Updated: 2024-09-17T01:45:35.621Z

Reserved: 2020-01-03T00:00:00

Link: CVE-2020-5397

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-01-17T19:15:14.727

Modified: 2024-11-21T05:34:03.850

Link: CVE-2020-5397

Redhat

Severity : Low

Publid Date: 2020-01-17T00:00:00Z

Links: CVE-2020-5397 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object