CVE Vulnerabilities

CVE-2016-4977

Published: May 25, 2017 | Modified: Nov 07, 2023
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.

Affected Software

Name Vendor Start Version End Version
Spring_security_oauth Pivotal 2.0.4 2.0.4
Spring_security_oauth Pivotal 2.0.3 2.0.3
Spring_security_oauth Pivotal 1.0.2 1.0.2
Spring_security_oauth Pivotal 1.0.4 1.0.4
Spring_security_oauth Pivotal 2.0.6 2.0.6
Spring_security_oauth Pivotal 2.0.5 2.0.5
Spring_security_oauth Pivotal 1.0.3 1.0.3
Spring_security_oauth Pivotal 2.0.9 2.0.9
Spring_security_oauth Pivotal 1.0.1 1.0.1
Spring_security_oauth Pivotal 2.0.0 2.0.0
Spring_security_oauth Pivotal 1.0.5 1.0.5
Spring_security_oauth Pivotal 2.0.2 2.0.2
Spring_security_oauth Pivotal 2.0.8 2.0.8
Spring_security_oauth Pivotal 2.0.7 2.0.7
Spring_security_oauth Pivotal 2.0.1 2.0.1
Spring_security_oauth Pivotal 1.0.0 1.0.0

References