CVE-2024-22262 - OpenCVE

Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

No data.

No data.

References

Link	Resource
https://security.netapp.com/advisory/ntap-20240524-0003/
https://spring.io/security/cve-2024-22262

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: vmware

Published: 2024-04-16T05:54:12.786Z

Updated: 2024-06-28T03:55:23.199Z

Reserved: 2024-01-08T18:43:17.077Z

Link: CVE-2024-22262

JSON object: View

NVD Information

Status : Awaiting Analysis

Published: 2024-04-16T06:15:46.270

Modified: 2024-06-10T18:15:25.940

Link: CVE-2024-22262

JSON object: View

Redhat Information

No data.

CWE

No CWE.

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-22262", "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "state": "PUBLISHED", "assignerShortName": "vmware", "dateReserved": "2024-01-08T18:43:17.077Z", "datePublished": "2024-04-16T05:54:12.786Z", "dateUpdated": "2024-06-28T03:55:23.199Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Spring Framework", "vendor": "Spring", "versions": [{"lessThan": "6.1.6", "status": "affected", "version": "6.1.x", "versionType": "6.1.6"}, {"lessThan": "6.0.19", "status": "affected", "version": "6.0.x", "versionType": "6.0.19"}, {"lessThan": "5.3.34", "status": "affected", "version": "5.3.x", "versionType": "5.3.34"}]}], "datePublic": "2024-04-11T05:49:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div><p>Applications that use <code>UriComponentsBuilder</code> to parse an externally provided URL (e.g. through a query parameter) <em>AND</em> perform validation checks on the host of the parsed URL may be vulnerable to a <a target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\">open redirect</a> attack or to a SSRF attack if the URL is used after passing validation checks.</p><p>This is the same as <a target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22259\">CVE-2024-22259</a> and <a target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22243\">CVE-2024-22243</a>, but with different input.</p></div></div><div><br></div><br>"}], "value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d", "shortName": "vmware", "dateUpdated": "2024-04-16T05:54:12.786Z"}, "references": [{"url": "https://spring.io/security/cve-2024-22262"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0003/"}], "source": {"discovery": "UNKNOWN"}, "title": "CVE-2024-22262: Spring Framework URL Parsing with Host Validation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "vmware", "product": "spring_framework", "cpes": ["cpe:2.3:a:vmware:spring_framework:6.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.1.0", "status": "affected", "lessThan": "6.1.6", "versionType": "custom"}]}, {"vendor": "vmware", "product": "spring_framework", "cpes": ["cpe:2.3:a:vmware:spring_framework:6.0.0:-:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0.0", "status": "affected", "lessThan": "6.0.19", "versionType": "custom"}]}, {"vendor": "pivotal_software", "product": "spring_framework", "cpes": ["cpe:2.3:a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.3.0", "status": "affected", "lessThan": "5.3.34", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-27T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2024-22262"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T03:55:23.199Z"}}]}, "dataVersion": "5.1"}