CVE-2024-22243: Spring Framework URL Parsing with Host Validation
First published: Fri Feb 23 2024(Updated: )
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect
Credit: security@vmware.com security@vmware.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/springframework | <6.1.4 | 6.1.4 |
| redhat/springframework | <6.0.17 | 6.0.17 |
| redhat/springframework | <5.3.32 | 5.3.32 |
| maven/org.springframework:spring-web | <=5.2.25.RELEASE | |
| maven/org.springframework:spring-web | >=5.3.0<5.3.32 | 5.3.32 |
| maven/org.springframework:spring-web | >=6.0.0<6.0.17 | 6.0.17 |
| maven/org.springframework:spring-web | >=6.1.0<6.1.4 | 6.1.4 |
| IBM Cognos Controller | <=11.1.0 | |
| IBM Cognos Controller | <=11.0.0 - 11.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.theregister.com/2024/05/20/in_brief_security/
- https://spring.io/security/cve-2024-22243
- https://access.redhat.com/errata/RHSA-2024:3354
- https://bugzilla.redhat.com/show_bug.cgi?id=2265735
- https://security.netapp.com/advisory/ntap-20240524-0001/
- https://nvd.nist.gov/vuln/detail/CVE-2024-22243
- https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java
- https://security.netapp.com/advisory/ntap-20240524-0001
- http://seclists.org/fulldisclosure/2024/Sep/24
- https://github.com/advisories/GHSA-ccgv-vj62-xf9h (Advisory)
- https://www.ibm.com/support/pages/node/7184423 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2024-22243?
CVE-2024-22243 is classified as a high severity vulnerability that can lead to open redirect and SSRF attacks.
How do I fix CVE-2024-22243?
To fix CVE-2024-22243, upgrade to Spring Web versions 5.3.32, 6.0.17, or 6.1.4.
Which versions of Spring Web are affected by CVE-2024-22243?
CVE-2024-22243 affects Spring Web versions up to 5.2.25.RELEASE and versions between 5.3.0 and 5.3.32.
What attacks does CVE-2024-22243 expose my application to?
CVE-2024-22243 exposes your application to open redirect attacks and server-side request forgery (SSRF) vulnerabilities.
Is my application vulnerable if it uses UriComponentsBuilder?
Yes, if your application uses UriComponentsBuilder to parse externally provided URLs without proper validation, it may be vulnerable to CVE-2024-22243.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- collector/the-register
- source/The Register
- alias/CVE-2024-4947
- agent/severity
- agent/softwarecombine
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-22243
- agent/software-canonical-lookup
- agent/weakness
- collector/nvd-cve
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-ccgv-vj62-xf9h
- agent/last-modified-date
- agent/references
- agent/tags
- agent/event
- collector/nvd-api
- agent/description
- collector/github-advisory
- collector/ibm-support
- source/IBM
- package-manager/redhat
- package-manager/maven
- vendor/ibm
- canonical/ibm cognos controller
- version/ibm cognos controller/11.1.0
- version/ibm cognos controller/11.0.0 - 11.0.1