ID

VAR-202001-1869


CVE

CVE-2020-5397


TITLE

Spring Framework Vulnerable to cross-site request forgery

Trust: 0.8

sources: JVNDB: JVNDB-2020-001404

DESCRIPTION

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack. Spring Framework Contains a cross-site request forgery vulnerability.Information may be altered. Pivotal Software Spring Framework is a set of open source Java and JavaEE application frameworks from Pivotal Software in the United States. The framework helps developers build high-quality applications. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could exploit this vulnerability to send unexpected requests to the server through an affected client

Trust: 1.71

sources: NVD: CVE-2020-5397 // JVNDB: JVNDB-2020-001404 // VULHUB: VHN-183522

AFFECTED PRODUCTS

vendor:oraclemodel:insurance rules palettescope:eqversion:10.2.4

Trust: 1.0

vendor:oraclemodel:retail back officescope:eqversion:14.1

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:eqversion:8.2.1

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:gteversion:8.0.0

Trust: 1.0

vendor:oraclemodel:flexcube private bankingscope:eqversion:12.0.0

Trust: 1.0

vendor:oraclemodel:rapid planningscope:eqversion:12.1

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:eqversion:8.1.1

Trust: 1.0

vendor:oraclemodel:retail integration busscope:eqversion:16.0.3

Trust: 1.0

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:11.1.0

Trust: 1.0

vendor:oraclemodel:insurance rules palettescope:eqversion:11.1.0

Trust: 1.0

vendor:vmwaremodel:spring frameworkscope:ltversion:5.2.3

Trust: 1.0

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:11.2.0

Trust: 1.0

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.2.1.0

Trust: 1.0

vendor:oraclemodel:insurance rules palettescope:eqversion:11.2.0

Trust: 1.0

vendor:oraclemodel:retail assortment planningscope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:retail financial integrationscope:eqversion:16.0

Trust: 1.0

vendor:oraclemodel:financial services regulatory reporting with agilereporterscope:eqversion:8.0.9.2.0

Trust: 1.0

vendor:oraclemodel:retail order brokerscope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:communications brm - elastic charging enginescope:eqversion:12.0

Trust: 1.0

vendor:oraclemodel:retail returns managementscope:eqversion:14.1

Trust: 1.0

vendor:oraclemodel:retail service backbonescope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:retail point-of-servicescope:eqversion:14.1

Trust: 1.0

vendor:oraclemodel:retail central officescope:eqversion:14.1

Trust: 1.0

vendor:oraclemodel:rapid planningscope:eqversion:12.2

Trust: 1.0

vendor:oraclemodel:communications element managerscope:eqversion:8.2.0

Trust: 1.0

vendor:oraclemodel:healthcare master person indexscope:eqversion:4.0.2

Trust: 1.0

vendor:oraclemodel:insurance calculation enginescope:gteversion:11.0.0

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:lteversion:4.0.12

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:lteversion:8.0.20

Trust: 1.0

vendor:oraclemodel:mysql enterprise monitorscope:gteversion:4.0.0

Trust: 1.0

vendor:oraclemodel:retail assortment planningscope:eqversion:16.0

Trust: 1.0

vendor:oraclemodel:communications policy managementscope:eqversion:12.5.0

Trust: 1.0

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.2.0

Trust: 1.0

vendor:vmwaremodel:spring frameworkscope:gteversion:5.2.0

Trust: 1.0

vendor:oraclemodel:insurance rules palettescope:eqversion:10.2.0

Trust: 1.0

vendor:oraclemodel:communications brm - elastic charging enginescope:eqversion:11.3

Trust: 1.0

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:11.0.2

Trust: 1.0

vendor:oraclemodel:communications element managerscope:eqversion:8.2.1

Trust: 1.0

vendor:oraclemodel:retail integration busscope:eqversion:15.0.3

Trust: 1.0

vendor:oraclemodel:insurance calculation enginescope:lteversion:11.3.1

Trust: 1.0

vendor:oraclemodel:insurance rules palettescope:eqversion:11.0.2

Trust: 1.0

vendor:oraclemodel:retail order brokerscope:eqversion:16.0

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.3.0

Trust: 1.0

vendor:oraclemodel:retail service backbonescope:eqversion:16.0

Trust: 1.0

vendor:oraclemodel:flexcube private bankingscope:eqversion:12.1.0

Trust: 1.0

vendor:oraclemodel:retail predictive application serverscope:eqversion:15.0.3.0

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:eqversion:8.2.0

Trust: 1.0

vendor:oraclemodel:application testing suitescope:eqversion:13.3.0.1

Trust: 1.0

vendor:oraclemodel:communications element managerscope:eqversion:8.1.1

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:gteversion:8.0.0

Trust: 1.0

vendor:oraclemodel:retail predictive application serverscope:eqversion:14.0.3

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:lteversion:8.2.2

Trust: 1.0

vendor:oraclemodel:retail predictive application serverscope:eqversion:14.1.3

Trust: 1.0

vendor:oraclemodel:weblogic serverscope:eqversion:12.2.1.4.0

Trust: 1.0

vendor:oraclemodel:retail financial integrationscope:eqversion:15.0

Trust: 1.0

vendor:oraclemodel:retail predictive application serverscope:eqversion:16.0.3.0

Trust: 1.0

vendor:oraclemodel:insurance policy administration j2eescope:eqversion:10.2.4

Trust: 1.0

vendor:pivotalmodel:spring frameworkscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-001404 // NVD: CVE-2020-5397

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5397
value: MEDIUM

Trust: 1.0

security@pivotal.io: CVE-2020-5397
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-5397
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202001-841
value: MEDIUM

Trust: 0.6

VULHUB: VHN-183522
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-5397
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-183522
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 4.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

security@pivotal.io: CVE-2020-5397
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2020-5397
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-183522 // CNNVD: CNNVD-202001-841 // JVNDB: JVNDB-2020-001404 // NVD: CVE-2020-5397 // NVD: CVE-2020-5397

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-183522 // JVNDB: JVNDB-2020-001404 // NVD: CVE-2020-5397

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202001-841

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-202001-841

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-001404

PATCH

title:CVE-2020-5397: CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFluxurl:https://pivotal.io/security/cve-2020-5397

Trust: 0.8

title:Pivotal Software Spring Framework Fixes for cross-site request forgery vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107142

Trust: 0.6

sources: CNNVD: CNNVD-202001-841 // JVNDB: JVNDB-2020-001404

EXTERNAL IDS

db:NVDid:CVE-2020-5397

Trust: 2.5

db:JVNDBid:JVNDB-2020-001404

Trust: 0.8

db:CNNVDid:CNNVD-202001-841

Trust: 0.7

db:NSFOCUSid:48040

Trust: 0.6

db:VULHUBid:VHN-183522

Trust: 0.1

sources: VULHUB: VHN-183522 // CNNVD: CNNVD-202001-841 // JVNDB: JVNDB-2020-001404 // NVD: CVE-2020-5397

REFERENCES

url:https://pivotal.io/security/cve-2020-5397

Trust: 1.7

url:https://www.oracle.com//security-alerts/cpujul2021.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuapr2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuoct2020.html

Trust: 1.7

url:https://www.oracle.com/security-alerts/cpuoct2021.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2020-5397

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5397

Trust: 0.8

url:http://www.nsfocus.net/vulndb/48040

Trust: 0.6

url:https://vigilance.fr/vulnerability/spring-framework-cross-site-request-forgery-via-cors-preflight-requests-31363

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities/

Trust: 0.6

sources: VULHUB: VHN-183522 // CNNVD: CNNVD-202001-841 // JVNDB: JVNDB-2020-001404 // NVD: CVE-2020-5397

CREDITS

Eric Zimanyi from Google

Trust: 0.6

sources: CNNVD: CNNVD-202001-841

SOURCES

db:VULHUBid:VHN-183522
db:CNNVDid:CNNVD-202001-841
db:JVNDBid:JVNDB-2020-001404
db:NVDid:CVE-2020-5397

LAST UPDATE DATE

2026-06-19T23:44:36.895000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-183522date:2022-07-25T00:00:00
db:CNNVDid:CNNVD-202001-841date:2022-07-26T00:00:00
db:JVNDBid:JVNDB-2020-001404date:2020-02-06T00:00:00
db:NVDid:CVE-2020-5397date:2026-06-17T03:21:24.700

SOURCES RELEASE DATE

db:VULHUBid:VHN-183522date:2020-01-17T00:00:00
db:CNNVDid:CNNVD-202001-841date:2020-01-16T00:00:00
db:JVNDBid:JVNDB-2020-001404date:2020-02-06T00:00:00
db:NVDid:CVE-2020-5397date:2020-01-17T19:15:14.727