
CVE-2019-11269: Open Redirect in Spring Security OAuth

CVSS Score
5.4 (CVSS v3.1)

Basic Information

EPSS Score
0.90788%
Published
6/13/2019
Updated
5/14/2024
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Package Name
org.springframework.security.oauth:spring-security-oauth
Ecosystem
Maven

Vulnerable Versions                         First Patched Version
>= 2.0.0.RELEASE, < 2.0.18.RELEASE          2.0.18.RELEASE
>= 2.1.0.RELEASE, < 2.1.5.RELEASE           2.1.5.RELEASE
>= 2.2.0.RELEASE, < 2.2.5.RELEASE           2.2.5.RELEASE
>= 2.3.0.RELEASE, < 2.3.6.RELEASE           2.3.6.RELEASE

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The root cause is the redirect URI validation performed by DefaultRedirectResolver, the resolver that AuthorizationEndpoint uses by default to check the redirect_uri parameter of an authorization code request. Because the default resolver accepted redirect URIs that were not an exact match for a URI registered with the client, an attacker could send the resource owner to the authorization endpoint with a redirect_uri under the attacker's control and have the authorization server redirect the user-agent there, leaking the authorization code. Runtime detection would show DefaultRedirectResolver.resolveRedirect processing attacker-controlled redirect_uri values. The Pivotal advisory explicitly identifies DefaultRedirectResolver as the vulnerable component: only applications that act as an Authorization Server (for example with @EnableAuthorizationServer) and use DefaultRedirectResolver in the AuthorizationEndpoint are exposed. Applications that act only as a Resource Server or only as a Client, and authorization servers that use a custom RedirectResolver enforcing an exact match on redirect_uri, are not affected. The fix is to upgrade to 2.0.18, 2.1.5, 2.2.5 or 2.3.6 (no patch diff is reproduced here); where an upgrade is not immediately possible, replacing the resolver with one that accepts only a redirect_uri exactly equal to a registered value removes the exposure.
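The exact-match RedirectResolver that the advisory lists as an unaffected configuration, as an added example: this is not code from this page, from Pivotal or from the Spring Security OAuth project. It assumes the 2.x RedirectResolver interface (resolveRedirect(String, ClientDetails)), the RedirectMismatchException and InvalidRequestException types from the same library, and that AuthorizationServerEndpointsConfigurer.redirectResolver(...) is available to wire the resolver into the AuthorizationEndpoint; the class names ExactMatchRedirectResolver and AuthServerConfig are chosen for the example.

```java
import java.util.Set;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;

/**
 * Strict RedirectResolver (example, not part of Spring Security OAuth):
 * the redirect_uri sent with the authorization request must be string-equal
 * to one of the URIs registered for the client. There is no host, port,
 * subdomain or path-prefix matching, so a crafted redirect_uri that merely
 * "looks like" the registered one is rejected and the authorization code
 * is never sent to it.
 */
public class ExactMatchRedirectResolver implements RedirectResolver {

    @Override
    public String resolveRedirect(String requestedRedirect, ClientDetails client) {
        Set<String> registered = client.getRegisteredRedirectUri();

        if (registered == null || registered.isEmpty()) {
            // A client with no registered redirect URI can never be redirected safely.
            throw new InvalidRequestException(
                "No redirect URI registered for client " + client.getClientId());
        }

        if (requestedRedirect == null || requestedRedirect.isEmpty()) {
            // Fall back to the registered value only when it is unambiguous.
            if (registered.size() == 1) {
                return registered.iterator().next();
            }
            throw new InvalidRequestException(
                "redirect_uri is required when more than one redirect URI is registered");
        }

        // Byte-for-byte equality is the whole check: scheme, host, port, path and
        // query must all match what was registered.
        if (registered.contains(requestedRedirect)) {
            return requestedRedirect;
        }

        // Do not echo the attacker-supplied value back into the error message;
        // it would otherwise end up in logs and error pages.
        throw new RedirectMismatchException(
            "Requested redirect_uri does not exactly match a registered redirect URI");
    }
}

/**
 * Wiring the strict resolver into the AuthorizationEndpoint. Assumed API:
 * AuthorizationServerEndpointsConfigurer.redirectResolver(RedirectResolver).
 */
@Configuration
@EnableAuthorizationServer
class AuthServerConfig extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.redirectResolver(new ExactMatchRedirectResolver());
    }
}
```

With this resolver a client must register the complete redirect URI and send it identically on every authorization request; per-request data such as a CSRF token belongs in the state parameter, not in extra redirect_uri query parameters, because any difference is a mismatch by design. Upgrading to a patched release remains the primary fix; the strict resolver is the workaround the advisory describes for deployments that cannot upgrade immediately.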

WAF Protection Rules

WAF Rule

Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicio…
