
CVE-2021-22047: Exposure of Resource to Wrong Sphere in Spring Data REST

CVSS Score: 5.3 (CVSS v3.1)

Basic Information

EPSS Score: 0.54065%
Published: 5/24/2022
Updated: 1/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Package Name                                   | Ecosystem | Vulnerable Versions | First Patched Version
org.springframework.data:spring-data-rest-core | maven     | >= 3.4.0, <= 3.4.13 | 3.4.14
org.springframework.data:spring-data-rest-core | maven     | >= 3.5.0, <= 3.5.5  | 3.5.6

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from Spring Data REST registering custom controllers that carry a class-level @RequestMapping in both the configured base path and the root namespace. The patches add validation to the handler mapping components so that this dual registration is prevented. The vulnerable functions are the pre-patch isHandler() implementations, which did not check for a conflicting class-level @RequestMapping and therefore allowed endpoints to be exposed at an unintended location, outside the path that the application's security rules may have been written for. These methods would appear in stack traces when requests to the unintended duplicate endpoints are processed.
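As an added illustration, not code from this page or from the Spring project, the following shows a custom controller of the kind the advisory describes next to two Spring Security chains: the weak one only guards the configured base path, so on an affected release the duplicate root route is reachable without credentials, while the deny-by-default one still covers the extra mapping. The controller, paths, profile names and dependency versions are assumptions.

```java
// Assumed (not from the advisory): Spring Boot 2.x, spring-data-rest-core 3.5.5, spring-boot-starter-security, spring.data.rest.base-path=/api
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.data.rest.webmvc.BasePathAwareController;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

// Hypothetical custom controller with a class-level @RequestMapping. On the affected 3.4.x/3.5.x
// releases the advisory says it is registered twice: /api/reports (base path) and /reports (root).
@BasePathAwareController
@RequestMapping("/reports")
class ReportController {
    @GetMapping
    ResponseEntity<String> list() {
        return ResponseEntity.ok("[\"q1-report\",\"q2-report\"]"); // constructed sample body
    }
}

// WEAK: only the base path is protected, so on a vulnerable version /reports answers unauthenticated.
@Configuration
@Profile("weak")
class WeakSecurityConfig {
    @Bean
    SecurityFilterChain weakChain(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/api/**").authenticated()
                .anyRequest().permitAll()
            .and().httpBasic();
        return http.build();
    }
}

// HARDENED: deny by default, so an unexpected extra mapping still sits behind authentication.
// Pair this with upgrading to 3.4.14 / 3.5.6, which stops the dual registration itself.
@Configuration
@Profile("hardened")
class HardenedSecurityConfig {
    @Bean
    SecurityFilterChain hardenedChain(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated()
            .and().httpBasic();
        return http.build();
    }
}
```

Run with only one of the two profiles active, since Spring Security accepts a single chain that matches every request.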


WAF Protection Rules

WAF Rule

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under U
