pivotalsoftware spring-framework CVE-2020-5397 vulnerability in Pivotal Software and Other Products
Published on January 17, 2020

CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux

product logo product logo product logo
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack.

NVD

Weakness Type

What is a Session Riding Vulnerability?

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. When a web server is designed to receive a request from a client without any mechanism for verifying that it was intentionally sent, then it might be possible for an attacker to trick a client into making an unintentional request to the web server which will be treated as an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can result in exposure of data or unintended code execution.

CVE-2020-5397 has been classified to as a Session Riding vulnerability or weakness.


Products Associated with CVE-2020-5397

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-5397 are published in these products:

Pivotal Software Spring Framework
 
Oracle Application Testing Suite
 
Oracle Communications Brm Elastic Charging Engine
 
Oracle Communications Diameter Signaling Router
 
Oracle Communications Element Manager
 
Oracle Communications Policy Management
 
Oracle Communications Session Route Manager
 
Oracle Enterprise Manager Base Platform
 
Oracle Financial Services Regulatory Reporting With Agilereporter
 
Oracle Flexcube Private Banking
 
Oracle Healthcare Master Person Index
 
Oracle Insurance Calculation Engine
 
Oracle Insurance Policy Administration J2ee
 
Oracle Mysql Enterprise Monitor
 
Oracle Nsurance Rules Palette
 
Oracle Rapid Planning
 
Oracle Retail Assortment Planning
 
Oracle Retail Back Office
 
Oracle Retail Central Office
 
Oracle Retail Financial Integration
 
Oracle Retail Integration Bus
 
Oracle Retail Order Broker
 
Oracle Retail Point Of Service
 
Oracle Retail Predictive Application Server
 
Oracle Retail Returns Management
 
Oracle Retail Service Backbone
 
Oracle Weblogic Server
 
Oracle Insurance Rules Palette
 
VMware Spring Framework
 

Affected Versions

Spring Framework:

Exploit Probability

EPSS
0.89%
Percentile
75.18%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.