{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-22243", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2024-01-08T18:43:03.535Z", "datePublished": "2024-02-23T05:03:54.426Z", "dateUpdated": "2025-02-13T17:33:38.355Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Spring Framework", "vendor": "Spring", "versions": [{"lessThan": "6.0.17", "status": "affected", "version": "6.0.x", "versionType": "6.0.17"}, {"lessThan": "6.1.4", "status": "affected", "version": "6.1.x", "versionType": "6.1.4"}, {"lessThan": "5.3.32", "status": "affected", "version": "5.3.x", "versionType": "5.3.32"}]}], "datePublic": "2024-02-21T16:18:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Applications that use </span><code>UriComponentsBuilder</code><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;to parse an externally provided URL (e.g. through a query parameter) </span><em>AND</em><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\">open redirect</a><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.</span><br>"}], "value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-06-10T17:09:48.637Z"}, "references": [{"url": "https://spring.io/security/cve-2024-22243"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE-2024-22243: Spring Framework URL Parsing with Host Validation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-601", "lang": "en", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "affected": [{"vendor": "vmware", "product": "spring_framework", "cpes": ["cpe:2.3:a:vmware:spring_framework:6.0.0:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0.0", "status": "affected", "lessThan": "6.0.17", "versionType": "custom"}]}, {"vendor": "vmware", "product": "spring_framework", "cpes": ["cpe:2.3:a:vmware:spring_framework:6.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.1.0", "status": "affected", "lessThan": "6.1.4", "versionType": "custom"}]}, {"vendor": "pivotal_software", "product": "spring_framework", "cpes": ["cpe:2.3:a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.3.0", "status": "affected", "lessThan": "5.3.32", "versionType": "custom"}]}, {"vendor": "netapp", "product": "active_iq_unified_manager", "cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.0", "status": "affected"}]}, {"vendor": "netapp", "product": "active_iq_unified_manager", "cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.0", "status": "affected"}]}, {"vendor": "netapp", "product": "active_iq_unified_manager", "cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-27T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2024-22243"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T03:55:12.310Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://spring.io/security/cve-2024-22243", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0001/", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Sep/24"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-10T05:02:44.560Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://spring.io/security/cve-2024-22243", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0001/", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2024/Sep/24"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-09-10T05:02:44.560Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-22243", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-19T03:55:25.364112Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:vmware:spring_framework:6.0.0:-:*:*:*:*:*:*"], "vendor": "vmware", "product": "spring_framework", "versions": [{"status": "affected", "version": "6.0.0", "lessThan": "6.0.17", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:vmware:spring_framework:6.1.0:*:*:*:*:*:*:*"], "vendor": "vmware", "product": "spring_framework", "versions": [{"status": "affected", "version": "6.1.0", "lessThan": "6.1.4", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*"], "vendor": "pivotal_software", "product": "spring_framework", "versions": [{"status": "affected", "version": "5.3.0", "lessThan": "5.3.32", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*"], "vendor": "netapp", "product": "active_iq_unified_manager", "versions": [{"status": "affected", "version": "5.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"], "vendor": "netapp", "product": "active_iq_unified_manager", "versions": [{"status": "affected", "version": "5.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"], "vendor": "netapp", "product": "active_iq_unified_manager", "versions": [{"status": "affected", "version": "5.0"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-27T21:08:24.300Z"}}], "cna": {"title": "CVE-2024-22243: Spring Framework URL Parsing with Host Validation", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Spring", "product": "Spring Framework", "versions": [{"status": "affected", "version": "6.0.x", "lessThan": "6.0.17", "versionType": "6.0.17"}, {"status": "affected", "version": "6.1.x", "lessThan": "6.1.4", "versionType": "6.1.4"}, {"status": "affected", "version": "5.3.x", "lessThan": "5.3.32", "versionType": "5.3.32"}], "defaultStatus": "affected"}], "datePublic": "2024-02-21T16:18:00.000Z", "references": [{"url": "https://spring.io/security/cve-2024-22243"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Applications that use </span><code>UriComponentsBuilder</code><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;to parse an externally provided URL (e.g. through a query parameter) </span><em>AND</em><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\">open redirect</a><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.</span><br>", "base64": false}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-02-23T05:03:54.426Z"}}}, "cveMetadata": {"cveId": "CVE-2024-22243", "state": "PUBLISHED", "dateUpdated": "2024-09-10T05:02:44.560Z", "dateReserved": "2024-01-08T18:43:03.535Z", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "datePublished": "2024-02-23T05:03:54.426Z", "assignerShortName": "vmware"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks."}, {"lang": "es", "value": "Las aplicaciones que utilizan UriComponentsBuilder para analizar una URL proporcionada externamente (por ejemplo, a trav\u00e9s de un par\u00e1metro de consulta) Y realizan comprobaciones de validaci\u00f3n en el host de la URL analizada pueden ser vulnerables a una redirecci\u00f3n abierta https://cwe.mitre.org/data/definitions/601 .html o a un ataque SSRF si la URL se utiliza despu\u00e9s de pasar las comprobaciones de validaci\u00f3n."}], "id": "CVE-2024-22243", "lastModified": "2025-02-13T18:16:47.530", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "security@vmware.com", "type": "Secondary"}]}, "published": "2024-02-23T05:15:08.143", "references": [{"source": "security@vmware.com", "url": "https://security.netapp.com/advisory/ntap-20240524-0001/"}, {"source": "security@vmware.com", "url": "https://spring.io/security/cve-2024-22243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Sep/24"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20240524-0001/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://spring.io/security/cve-2024-22243"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Sean Pesce (Motorola Solutions) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2024:3354", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "springframework", "product_name": "Red Hat Fuse 7.13.0", "release_date": "2024-05-23T00:00:00Z"}], "bugzilla": {"description": "springframework: URL Parsing with Host Validation", "id": "2265735", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265735"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N", "status": "verified"}, "cwe": "CWE-601", "details": ["Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.", "A vulnerability was discovered in Spring Framework. Under certain conditions, an attacker might be able to trigger an open redirect. This issue can simplify the process of conducting a phishing attack against users of the deployment."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-22243", "package_state": [{"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Out of support scope", "package_name": "springframework", "product_name": "Red Hat build of Apache Camel for Spring Boot 3"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "springframework", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "springframework", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Will not fix", "package_name": "springframework", "product_name": "streams for Apache Kafka"}], "public_date": "2024-02-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-22243\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-22243\nhttps://spring.io/security/cve-2024-22243"], "statement": "The open redirect vulnerability discovered in the Spring Framework poses a moderate severity issue due to its potential to facilitate phishing attacks. While it doesn't directly lead to data compromise or system takeover, it significantly increases the likelihood of users being misled into visiting malicious websites.", "threat_severity": "Moderate", "upstream_fix": "springframework 6.1.4, springframework 6.0.17, springframework 5.3.32"}