Security Bulletin: The IBM® Engineering Lifecycle Management products using WebSphere Application Server could provide weaker than expected security due to crypto.js (CVE-2020-36732)

Summary A vulnerability in crypto.js library affects IBM WebSphere Application Server Liberty with the openidConnectServer-1.0 feature enabled. Following IBM® Engineering Lifecycle Management products are vulnerable to this attack, and addressed in this bulletin: Global Configuration Management,...

Security Bulletin: Liberty for Java for IBM Cloud is vulnerable to a denial of service (CVE-2020-4590)

Summary There is a denial of service vulnerablility in IBM WebSphere Application Server Liberty used in Liberty for Java for IBM Cloud. Vulnerability Details CVEID:CVE-2020-4590 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or...

Autobinding vulnerability in MITREid Connect

org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Mass Assignment aka Autobinding vulnerability. This arises due to unsafe usage of the @ModelAttribute annotation during the OAuth authorization flow, in...

GHSA-792R-MH2Q-P8QP Server Side Request Forgery (SSRF) in org.mitre:openid-connect-server

The OpenID Connect server implementation for MITREid Connect through 1.3.3 contains a Server Side Request Forgery SSRF vulnerability. The vulnerability arises due to unsafe usage of the logouri parameter in the Dynamic Client Registration request. An unauthenticated attacker can make a HTTP reque...

net.simpledynamics:openid-connect-server-spring-boot-config (>=0.1.0 <=0.1.3), net.simpledynamics:openid-connect-server-spring-boot-samples-default (>=0.1.0 <=0.1.1) +7 more potentially affected by CVE-2021-26715 via org.mitre:openid-connect-server (>=1.1.0 <=1.3.3)

org.mitre:openid-connect-server MAVEN version =1.1.0, =0.1.0, =0.1.0, =0.1.0, =0.11, =1.1.0, =1.2.0, =1.2.0, =1.3.3 Source cves: CVE-2021-26715 Source advisory: OSV:GHSA-792R-MH2Q-P8QP...

Mass Parameter Assignment

openid-connect-server allows mass parameter assignment. The vulnerability allows an attacker to overwrite specific parameters with arbitrary values, which could lead to authorization bypass or other unexpected application behavior...

CVE-2020-4590

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650...

net.simpledynamics:openid-connect-server-spring-boot-config (>=0.1.0 <=0.1.3), net.simpledynamics:openid-connect-server-spring-boot-samples-default (>=0.1.0 <=0.1.1) +7 more potentially affected by CVE-2020-5497 via org.mitre:openid-connect-server (>=1.1.0 <=1.3.3)

org.mitre:openid-connect-server MAVEN version =1.1.0, =0.1.0, =0.1.0, =0.1.0, =0.11, =1.1.0, =1.2.0, =1.2.0, =1.3.3 Source cves: CVE-2020-5497 Source advisory: OSV:GHSA-C2H6-7GM8-CV4W...

org.cloudfoundry:cf-gradle-plugin (>=1.0.1 <=1.0.3), org.cloudfoundry:cf-maven-plugin (>=1.0.1 <=1.0.3) +5 more potentially affected by CVE-2016-4977 via org.springframework.security.oauth:spring-security-oauth2 (>=1.0.0.RELEASE <=1.0.2.RELEASE)

org.springframework.security.oauth:spring-security-oauth2 MAVEN version =1.0.0.RELEASE, =1.0.1, =1.0.1, =1.0.1, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =1.0.22 Source cves: CVE-2016-4977 Source advisory: OSV:GHSA-7Q9C-H23X-65FQ...