Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

cve-2018-15758
Back to All
CVE

CVE-2018-15758

Authorization bypass in org.springframework.security.oauth:spring-security-oauth2

Description

Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request to the approval endpoint that can modify the previously saved authorization request and lead to a privilege escalation on the subsequent approval. This scenario can happen if the application is configured to use a custom approval endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and use a custom Approval Endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability does not expose applications that: Act in the role of an Authorization Server and use the default Approval Endpoint, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient).

Base CVSS

8.1

EPSS Score

0.4%

Introduced Version

2.0.0.RELEASE

Fix Available

2.3.4.RELEASE,2.2.3.RELEASE,2.1.3.RELEASE,2.0.16.RELEASE

Available Patches

Package
CVEs Fixed
Lines of Code Changed
Package Name
org.springframework.security.oauth:spring-security-oauth2
2.3.3.RELEASE
CVES Fixed
C
0
H
1
M
0
L
0
Code Changed
+223
-30

References

https://nvd.nist.gov/vuln/detail/CVE-2018-15758
https://github.com/advisories/GHSA-h8w4-qv99-f7vj
https://github.com/spring-attic/spring-security-oauth/commit/4082ec7ae3d39198a47b5c803ccb20dacefb0b0
https://pivotal.io/security/cve-2018-15758
https://github.com/spring-attic/spring-security-oauth/commit/ddd65cd9417ae1e4a69e4193a622300db38e2ef
https://access.redhat.com/errata/RHSA-2019:2413
http://www.securityfocus.com/bid/105687
https://github.com/spring-attic/spring-security-oauth/commit/f92223afc71687bd3156298054903f50aa71fbf
https://github.com/spring-attic/spring-security-oauth/commit/623776689fdcc8047f5a908c71f348e1f172a97

AppSec for the Software Development Revolution

Endor Labs builds a complete graph of your software estate, so teams can pinpoint and fix critical risks in complex, dependency-rich code—whether it was written by humans or AI.

Welcome to the resistance
Oops! Something went wrong, please try again.
brightness-increase
moon-01