Auto-merge PR#3052

2025-06-19 17:32:41 +00:00 · 2020-01-17 13:50:17 -05:00 · 2020-01-17 13:50:17 -05:00 · b62647ad8a
commit b62647ad8a
parent 2e8e55b90c b16bc694cd
1 changed files with 70 additions and 3 deletions
--- a/2020/5xxx/CVE-2020-5397.json
+++ b/2020/5xxx/CVE-2020-5397.json
@ -3,16 +3,83 @@
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ASSIGNER": "security@pivotal.io",
        "DATE_PUBLIC": "2020-01-16T00:00:00.000Z",
        "ID": "CVE-2020-5397",
-        "ASSIGNER": "cve@mitre.org",
+        "STATE": "PUBLIC",
-        "STATE": "RESERVED"
+        "TITLE": "CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Spring Framework",
                                "version": {
                                    "version_data": [
                                        {
                                            "affected": "<",
                                            "version_name": "5.2",
                                            "version_value": "v5.2.3.RELEASE"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Spring"
                }
            ]
        }
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints.\n\nOnly non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. \n\nNo HTTP body can be sent or received as a result of this attack."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-352: Cross-Site Request Forgery (CSRF)"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "url": "https://pivotal.io/security/cve-2020-5397",
                "name": "https://pivotal.io/security/cve-2020-5397"
            }
        ]
    },
    "impact": {
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
        }
    }
 }