<p>Upgrade <code>org.springframework.security.oauth:spring-security-oauth2</code> to version 2.0.10.RELEASE or higher.</p>

Arbitrary Code Execution Affecting org.springframework.security.oauth:spring-security-oauth2 package, versions [1.0.0.RELEASE,2.0.10.RELEASE)

Snyk CVSS

Attack Complexity Low

Confidentiality High

Integrity High

Availability High

Threat Intelligence

Exploit Maturity Proof of concept

EPSS 3.35% (92^nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITYOAUTH-31345
published 4 Jul 2016
disclosed 4 Jul 2016
credit David Vieira-Kurz

Report a new vulnerability Found a mistake?

Introduced: 4 Jul 2016

CVE-2016-4977 Open this link in a new tab CWE-94 Open this link in a new tab

How to fix?

Upgrade org.springframework.security.oauth:spring-security-oauth2 to version 2.0.10.RELEASE or higher.

Overview

org.springframework.security.oauth:spring-security-oauth2 is a package that provides support for using Spring Security with OAuth (1a) and OAuth2.

Affected versions of this package are vulnerable to Arbitrary Code Execution. When processing authorization requests using the whitelabel views, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.