Privilege Escalation

2022-11-0406:12:45

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

76.7%

JSON

Spring Security OAuth2 Client is vulnerable to Privilege Escalation. The vulnerability exists in the getTokenResponse function in multiple files due to the authorization server responding with an OAuth2 access token response containing an empty scope list which allows an attacker to modify requests initiated by clients.

CPENameOperatorVersion
spring-security-oauth2-clientle5.4.10
spring-security-oauth2-clientle5.6.8
spring-security-oauth2-clientle5.5.8
spring-security-oauth2-clientle5.7.4
spring-security-oauth2-clientle5.1.13.RELEASE
spring-security-oauth2-clientle5.3.13.RELEASE
spring-security-oauth2-clientle5.2.15.RELEASE
jenkinseq2.346.3.1663151230__1.el8
jenkinseq2.346.3.1661877467__3.el8
jenkinseq2.263.3.1612434510__1.el8

Name	Operator	Version
spring-security-oauth2-client	le	5.4.10
spring-security-oauth2-client	le	5.6.8
spring-security-oauth2-client	le	5.5.8
spring-security-oauth2-client	le	5.7.4
spring-security-oauth2-client	le	5.1.13.RELEASE
spring-security-oauth2-client	le	5.3.13.RELEASE
spring-security-oauth2-client	le	5.2.15.RELEASE
jenkins	eq	2.346.3.1663151230__1.el8
jenkins	eq	2.346.3.1661877467__3.el8
jenkins	eq	2.263.3.1612434510__1.el8