CVE-2021-22047

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.

CVSS v3 5.3 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://tanzu.vmware.com/security/cve-2021-22047	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:spring_data_rest::::::::
	cpe:2.3:a:vmware:spring_data_rest::::::::

History

No history.

Information

Published : 2021-10-28 16:15

Updated : 2024-02-28 18:48

NVD link : CVE-2021-22047

Mitre link : CVE-2021-22047

CVE.ORG link : CVE-2021-22047

JSON object : View

Products Affected

vmware

spring_data_rest

CWE

CWE-668

Exposure of Resource to Wrong Sphere

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2021-22047", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2021-10-28T16:15:07.623", "references": [{"url": "https://tanzu.vmware.com/security/cve-2021-22047", "tags": ["Vendor Advisory"], "source": "security@vmware.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}, {"type": "Secondary", "source": "security@vmware.com", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration."}, {"lang": "es", "value": "En Spring Data REST versiones 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, y versiones anteriores no soportadas, los recursos HTTP implementados por controladores personalizados que usan una ruta de API base configurada y un mapeo de peticiones a nivel de tipo de controlador est\u00e1n expuestos adicionalmente bajo URIs que pueden ser potencialmente expuestos para un acceso no autorizado dependiendo de la configuraci\u00f3n de Spring Security"}], "lastModified": "2021-11-01T15:59:49.797", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_data_rest:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B73FD255-55AE-41DD-AE2E-11EC2195310A", "versionEndIncluding": "3.4.13", "versionStartIncluding": "3.4.0"}, {"criteria": "cpe:2.3:a:vmware:spring_data_rest:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47ED1B17-C440-42E5-9898-02C0FE5456C0", "versionEndIncluding": "3.5.5", "versionStartIncluding": "3.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@vmware.com"}