{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-20873", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "assignerShortName": "vmware", "dateUpdated": "2024-08-02T09:21:33.339Z", "dateReserved": "2022-11-01T00:00:00", "datePublished": "2023-04-20T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2023-08-28T12:58:21.690605"}, "descriptions": [{"lang": "en", "value": "In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+."}], "affected": [{"vendor": "n/a", "product": "Spring Boot", "versions": [{"version": "Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions", "status": "affected"}]}], "references": [{"url": "https://spring.io/security/cve-2023-20873"}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0009/"}, {"url": "https://spring.io/blog/2023/05/18/spring-boot-2-5-15-and-2-6-15-available-now"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Security Bypass with Spring Boot when deployed to Cloud Foundry"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:21:33.339Z"}, "title": "CVE Program Container", "references": [{"url": "https://spring.io/security/cve-2023-20873", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20230601-0009/", "tags": ["x_transferred"]}, {"url": "https://spring.io/blog/2023/05/18/spring-boot-2-5-15-and-2-6-15-available-now", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A1932B4-20A2-4ADF-B631-8BF26E7FF0BC", "versionEndExcluding": "2.5.15", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "45ABFC0F-28B7-436E-8868-28E64A4C3110", "versionEndExcluding": "2.6.14", "versionStartIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "E03EEFE1-487C-4924-AE1E-864067CD381F", "versionEndExcluding": "2.7.11", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "5383A7EE-8667-455F-9B4E-08200F831007", "versionEndExcluding": "3.0.6", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+."}], "id": "CVE-2023-20873", "lastModified": "2024-11-21T07:41:44.143", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-20T21:15:08.717", "references": [{"source": "security@vmware.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230601-0009/"}, {"source": "security@vmware.com", "url": "https://spring.io/blog/2023/05/18/spring-boot-2-5-15-and-2-6-15-available-now"}, {"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://spring.io/security/cve-2023-20873"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20230601-0009/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://spring.io/blog/2023/05/18/spring-boot-2-5-15-and-2-6-15-available-now"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://spring.io/security/cve-2023-20873"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2023:7678", "cpe": "cpe:/a:redhat:amq_streams:2", "package": "spring-boot", "product_name": "Red Hat AMQ Streams 2.6.0", "release_date": "2023-12-06T00:00:00Z"}, {"advisory": "RHSA-2023:5147", "cpe": "cpe:/a:redhat:camel_spring_boot:3.18", "package": "spring-boot", "product_name": "RHINT Camel-Springboot 3.18.3.2", "release_date": "2023-09-13T00:00:00Z"}, {"advisory": "RHSA-2023:5148", "cpe": "cpe:/a:redhat:camel_spring_boot:3.20", "package": "spring-boot", "product_name": "RHINT Camel-Springboot 3.20.2", "release_date": "2023-09-13T00:00:00Z"}], "bugzilla": {"description": "spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry", "id": "2231491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231491"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-284", "details": ["In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.", "A flaw was found in Spring Boot. This targets specifically 'spring-boot-actuator-autoconfigure' package. This issue occurs when an application is deployed to Cloud Foundry, which could be susceptible to a security bypass.\nSpecifically, an application is vulnerable when all of the following are true:\n* You have code that can handle requests that match /cloudfoundryapplication/**. Typically, this will be if there is a catch-all request mapping which matches /**.\n* The application is deployed to Cloud Foundry.\nAn application is not vulnerable if any of the following is true:\n* The application is not deployed to Cloud Foundry\n* You have disabled Cloud Foundry actuator endpoints with management.cloudfoundry.enabled set to false.\n* Your application does not have handler mappings that can handle requests to /cloudfoundryapplication/**."], "mitigation": {"lang": "en:us", "value": "Disable Cloud Foundry actuator endpoints by setting 'management.cloudfoundry.enabled' to false."}, "name": "CVE-2023-20873", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:optaplanner:::el6", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat build of OptaPlanner 8"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Affected", "impact": "low", "package_name": "spring-boot", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "log4j:2/log4j", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "spring-boot", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "spring-boot", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "spring-boot", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "package_name": "spring-boot", "product_name": "Red Hat support for Spring Boot"}], "public_date": "2023-05-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-20873\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20873\nhttps://github.com/advisories/GHSA-g5h3-w546-pj7f\nhttps://spring.io/security/cve-2023-20873/"], "statement": "The following Red Hat products do not ship the affected software component and so are not affected:\n* Red Hat Enterprise Linux 8, 9\n* Enterprise Application Platform 6, 7, 8, XP\n* Data Grid 7, 8\n* Migration Toolkit for Runtimes\n* Red Hat Build of OptaPlanner\n* Red Hat Integration Camel-K\n* Red Hat AMQ Broker 7\n* Red Hat AMQ Clients 2\n* Red Hat AMQ Streams 2\n* Red Hat Fuse 6\n* Red Hat Fuse 7\n* Red Hat VertX 4\nThe following Red Hat products ship the affected software but do not enable or do not ship the vulnerable classes, and so are affected but at Low security impact.\n* Red Hat Decision Manager 7\n* Red Hat Process Automation Manager 7\n* Red Hat Single Sign-On 7", "threat_severity": "Important", "upstream_fix": "spring-boot 2.5.15, spring-boot 2.6.15, spring-boot 2.7.11, spring-boot 3.0.6"}