CVE-2016-4977 – Spring Security OAuth2

Description

Kayran has detected that the version of Spring Security OAuth in use is vulnerable to remote code execution.
When authorization requests are processed using the ‘whitelabel’ views in the affected versions, the value of the ‘response_type’ parameter is evaluated as a Spring SpEL expression.

CVE-2016-4977 is categorized as a ‘Data Processing Error’ vulnerability (CWE-19).
Weaknesses in this category are typically found in functionality that processes data.
Data processing is the manipulation of input to retrieve or save information.

Attackers could abuse it to trigger remote code execution by crafting the value of the ‘response_type’ parameter.

That could assist attackers in obtaining sensitive information (Information Disclosure).
There’s a chance that this vulnerability will allow attackers to modify system files and information.
It could also lead to a decrease in performance and interruptions in the availability of resources.
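
For detection, requests to the authorization endpoint can be checked for ‘response_type’ values outside the registered set. The following is an added example, not part of the original advisory or of Spring Security OAuth; the endpoint path `/oauth/authorize`, the combined access-log format, the allowlist contents and the sample log lines are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: response types registered for OAuth 2.0 / OpenID Connect.
# Trim this set to what your authorization server actually supports.
ALLOWED_TOKENS = {"code", "token", "id_token", "none"}
AUTHORIZE_PATH = "/oauth/authorize"  # assumption: default endpoint path

# Request line of a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_response_types(target):
    """Return the response_type values in a request target that are not
    space-separated combinations of ALLOWED_TOKENS."""
    parts = urlsplit(target)
    if not parts.path.endswith(AUTHORIZE_PATH):
        return []
    values = parse_qs(parts.query, keep_blank_values=True).get("response_type", [])
    bad = []
    for value in values:
        tokens = value.split()
        if not tokens or any(t not in ALLOWED_TOKENS for t in tokens):
            bad.append(value)
    return bad

def scan(lines):
    """Return a list of (line_number, client_ip, value) for flagged requests."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        for value in suspicious_response_types(match.group("target")):
            findings.append((number, line.split(" ", 1)[0], value))
    return findings

# Constructed sample log lines (not from a real system).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /oauth/authorize?response_type=code&client_id=app HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /oauth/authorize?response_type=code%20id_token&client_id=app HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:01:00 +0000] "GET /oauth/authorize?response_type=UNREGISTERED-VALUE&client_id=app HTTP/1.1" 400 2048',
    '203.0.113.9 - - [01/Jan/2024:10:01:02 +0000] "GET /index.html?response_type=anything HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for number, ip, value in scan(SAMPLE_LOG):
        print(f"line {number}: {ip} sent unexpected response_type {value!r}")
```

Parameters sent in a POST body do not appear in access logs, so the same allowlist check would have to run where request bodies are visible, such as a reverse proxy or servlet filter.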

Recommendation

To fix CVE-2016-4977, upgrade the version of Spring Security OAuth being used to 2.0.10 or higher.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4977

https://cwe.mitre.org/data/definitions/19.html
