Vulnerability Description
Spring Framework versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable, because preflight requests should not include credentials and therefore such requests should fail authentication. However, a notable exception is Chrome-based browsers when client certificates are used for authentication, since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Spring Framework | >= 5.2.0, < 5.2.3 |
| Oracle | Application Testing Suite | 13.3.0.1 |
| Oracle | Communications Brm - Elastic Charging Engine | 11.3 |
| Oracle | Communications Diameter Signaling Router | >= 8.0.0, <= 8.2.2 |
| Oracle | Communications Element Manager | 8.1.1 |
| Oracle | Communications Policy Management | 12.5.0 |
| Oracle | Communications Session Route Manager | 8.1.1 |
| Oracle | Enterprise Manager Base Platform | 13.2.1.0 |
| Oracle | Financial Services Regulatory Reporting With Agilereporter | 8.0.9.2.0 |
| Oracle | Flexcube Private Banking | 12.0.0 |
| Oracle | Healthcare Master Person Index | 4.0.2 |
| Oracle | Insurance Calculation Engine | >= 11.0.0, <= 11.3.1 |
| Oracle | Insurance Policy Administration J2Ee | 10.2.0 |
| Oracle | Insurance Rules Palette | 10.2.0 |
| Oracle | Mysql Enterprise Monitor | >= 4.0.0, <= 4.0.12 |
| Oracle | Rapid Planning | 12.1 |
| Oracle | Retail Assortment Planning | 15.0 |
| Oracle | Retail Back Office | 14.1 |
| Oracle | Retail Central Office | 14.1 |
| Oracle | Retail Financial Integration | 15.0 |
Related Weaknesses (CWE)
References
- https://pivotal.io/security/cve-2020-5397 (Exploit, Vendor Advisory)
- https://www.oracle.com//security-alerts/cpujul2021.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpuapr2020.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpujul2020.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2020.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpuoct2021.html (Patch, Third Party Advisory)
FAQ
What is CVE-2020-5397?
CVE-2020-5397 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) e...
How severe is CVE-2020-5397?
CVE-2020-5397 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5397?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Spring Framework, Oracle Application Testing Suite, Oracle Communications Brm - Elastic Charging Engine, Oracle Communications Diameter Signaling Router, Oracle Communications Element Manager.