cnvd - cnvd-2021-37707

cnvd-2021-37707

Vulnerability from cnvd

Title: Spring Security安全特征问题漏洞

Description:

Spring Security的前身是Acegi Security ，是Spring项目组中用来提供安全认证服务的框架。

Spring Security中存在安全特征问题漏洞。攻击者可借助字典攻击利用该漏洞获取未加密的值。

Severity: 中

Patch Name: Spring Security安全特征问题漏洞的补丁

Patch Description:

Spring Security的前身是Acegi Security ，是Spring项目组中用来提供安全认证服务的框架。

Spring Security中存在安全特征问题漏洞。攻击者可借助字典攻击利用该漏洞获取未加密的值。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://tanzu.vmware.com/security/cve-2020-5408

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-5408

Impacted products

Name
['Pivotal Software Spring Security 5.3，<5.3.2', 'Pivotal Software Spring Security 5.2，<5.2.4', 'Pivotal Software Spring Security 5.1.，<5.1.10', 'Pivotal Software Spring Security 5.0.，<5.0.16', 'Pivotal Software Spring Security 4.2.*，<4.2.16']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-5408"
    }
  },
  "description": "Spring Security\u7684\u524d\u8eab\u662fAcegi Security \uff0c\u662fSpring\u9879\u76ee\u7ec4\u4e2d\u7528\u6765\u63d0\u4f9b\u5b89\u5168\u8ba4\u8bc1\u670d\u52a1\u7684\u6846\u67b6\u3002\n\nSpring Security\u4e2d\u5b58\u5728\u5b89\u5168\u7279\u5f81\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u5b57\u5178\u653b\u51fb\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u52a0\u5bc6\u7684\u503c\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tanzu.vmware.com/security/cve-2020-5408",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-37707",
  "openTime": "2021-05-28",
  "patchDescription": "Spring Security\u7684\u524d\u8eab\u662fAcegi Security \uff0c\u662fSpring\u9879\u76ee\u7ec4\u4e2d\u7528\u6765\u63d0\u4f9b\u5b89\u5168\u8ba4\u8bc1\u670d\u52a1\u7684\u6846\u67b6\u3002\r\n\r\nSpring Security\u4e2d\u5b58\u5728\u5b89\u5168\u7279\u5f81\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u5b57\u5178\u653b\u51fb\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u672a\u52a0\u5bc6\u7684\u503c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Spring Security\u5b89\u5168\u7279\u5f81\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Pivotal Software Spring Security 5.3*\uff0c\u003c5.3.2",
      "Pivotal Software Spring Security 5.2*\uff0c\u003c5.2.4",
      "Pivotal Software Spring Security 5.1.*\uff0c\u003c5.1.10",
      "Pivotal Software Spring Security 5.0.*\uff0c\u003c5.0.16",
      "Pivotal Software Spring Security 4.2.*\uff0c\u003c4.2.16"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-5408",
  "serverity": "\u4e2d",
  "submitTime": "2020-05-15",
  "title": "Spring Security\u5b89\u5168\u7279\u5f81\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2020-5408 (GCVE-0-2020-5408)

Vulnerability from cvelistv5

Published

2020-05-14 17:15

Modified

2024-09-17 01:01

Severity ?

CWE

CWE-329 - Not Using a Random IV with CBC Mode

Summary

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.

References

▼	URL	Tags
	https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
	https://tanzu.vmware.com/security/cve-2020-5408	x_refsource_CONFIRM
	https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
	https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Spring by VMware	Spring Security	Version: 4.2 < 4.2.16 Version: 5.0 < 5.0.16 Version: 5.1 < 5.1.10 Version: 5.2 < 5.2.4 Version: 5.3 < 5.3.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T08:30:23.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tanzu.vmware.com/security/cve-2020-5408"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Spring Security",
          "vendor": "Spring by VMware",
          "versions": [
            {
              "lessThan": "4.2.16",
              "status": "affected",
              "version": "4.2",
              "versionType": "custom"
            },
            {
              "lessThan": "5.0.16",
              "status": "affected",
              "version": "5.0",
              "versionType": "custom"
            },
            {
              "lessThan": "5.1.10",
              "status": "affected",
              "version": "5.1",
              "versionType": "custom"
            },
            {
              "lessThan": "5.2.4",
              "status": "affected",
              "version": "5.2",
              "versionType": "custom"
            },
            {
              "lessThan": "5.3.2",
              "status": "affected",
              "version": "5.3",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-329",
              "description": "CWE-329: Not Using a Random IV with CBC Mode",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-14T17:20:23",
        "orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
        "shortName": "pivotal"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tanzu.vmware.com/security/cve-2020-5408"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Dictionary attack with Spring Security queryable text encryptor",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@pivotal.io",
          "DATE_PUBLIC": "2020-05-13T00:00:00.000Z",
          "ID": "CVE-2020-5408",
          "STATE": "PUBLIC",
          "TITLE": "Dictionary attack with Spring Security queryable text encryptor"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Spring Security",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "4.2",
                            "version_value": "4.2.16"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "5.0",
                            "version_value": "5.0.16"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "5.1",
                            "version_value": "5.1.10"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "5.2",
                            "version_value": "5.2.4"
                          },
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_name": "5.3",
                            "version_value": "5.3.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Spring by VMware"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack."
            }
          ]
        },
        "impact": null,
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-329: Not Using a Random IV with CBC Mode"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
            },
            {
              "name": "https://tanzu.vmware.com/security/cve-2020-5408",
              "refsource": "CONFIRM",
              "url": "https://tanzu.vmware.com/security/cve-2020-5408"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
    "assignerShortName": "pivotal",
    "cveId": "CVE-2020-5408",
    "datePublished": "2020-05-14T17:15:13.256026Z",
    "dateReserved": "2020-01-03T00:00:00",
    "dateUpdated": "2024-09-17T01:01:47.960Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted