CVE-2023-20883 - OpenCVE

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Camel Spring Boot Jboss Enterprise Bpms Platform Jboss Fuse Optaplanner
Vmware	Spring Boot

Configuration 1 [-]

OR	cpe:2.3:a:vmware:spring_boot::::::::
	cpe:2.3:a:vmware:spring_boot::::::::
	cpe:2.3:a:vmware:spring_boot::::::::
	cpe:2.3:a:vmware:spring_boot::::::::

Package	CPE	Advisory	Released Date
Red Hat Fuse 7.12
spring-boot	cpe:/a:redhat:jboss_fuse:7	RHSA-2023:3954	2023-06-29T00:00:00Z
RHBOP Text-Only
spring-boot	cpe:/a:redhat:optaplanner:::el6	RHSA-2023:4200	2023-07-18T00:00:00Z
RHINT Camel-Springboot 3.18.3.P2
spring-boot	cpe:/a:redhat:camel_spring_boot:3.18	RHSA-2023:3641	2023-06-15T00:00:00Z
RHINT Camel-Springboot 3.20.1.P1
spring-boot	cpe:/a:redhat:camel_spring_boot:3.20	RHSA-2023:3740	2023-06-21T00:00:00Z
RHPAM 7.13.4 async
spring-boot	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13	RHSA-2023:4983	2023-09-05T00:00:00Z

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2023-20883
https://security.netapp.com/advisory/ntap-20230703-0008/
https://spring.io/security/cve-2023-20883
https://www.cve.org/CVERecord?id=CVE-2023-20883

History

No history.

MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2023-05-26T00:00:00

Updated: 2024-08-02T09:21:32.875Z

Reserved: 2022-11-01T00:00:00

Link: CVE-2023-20883

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-05-26T17:15:14.047

Modified: 2023-07-03T16:15:09.470

Link: CVE-2023-20883

Redhat

Severity : Important

Publid Date: 2023-05-18T00:00:00Z

Links: CVE-2023-20883 - Bugzilla

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "A242EC56-26CE-48EA-8EF1-2A2E5D9E1239", "versionEndExcluding": "2.5.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE1DE1AC-8AF5-4ED1-98F2-5D6328391FBA", "versionEndIncluding": "2.6.14", "versionStartIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "36E37F7B-89F0-4153-9914-FC55098E8D37", "versionEndIncluding": "2.7.11", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*", "matchCriteriaId": "373CD749-82CC-4E59-A1A5-D6EF29B32F35", "versionEndIncluding": "3.0.6", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache."}], "id": "CVE-2023-20883", "lastModified": "2023-07-03T16:15:09.470", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-26T17:15:14.047", "references": [{"source": "security@vmware.com", "url": "https://security.netapp.com/advisory/ntap-20230703-0008/"}, {"source": "security@vmware.com", "tags": ["Vendor Advisory"], "url": "https://spring.io/security/cve-2023-20883"}], "sourceIdentifier": "security@vmware.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "security@vmware.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:3954", "cpe": "cpe:/a:redhat:jboss_fuse:7", "impact": "moderate", "package": "spring-boot", "product_name": "Red Hat Fuse 7.12", "release_date": "2023-06-29T00:00:00Z"}, {"advisory": "RHSA-2023:4200", "cpe": "cpe:/a:redhat:optaplanner:::el6", "package": "spring-boot", "product_name": "RHBOP Text-Only", "release_date": "2023-07-18T00:00:00Z"}, {"advisory": "RHSA-2023:3641", "cpe": "cpe:/a:redhat:camel_spring_boot:3.18", "package": "spring-boot", "product_name": "RHINT Camel-Springboot 3.18.3.P2", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2023:3740", "cpe": "cpe:/a:redhat:camel_spring_boot:3.20", "package": "spring-boot", "product_name": "RHINT Camel-Springboot 3.20.1.P1", "release_date": "2023-06-21T00:00:00Z"}, {"advisory": "RHSA-2023:4983", "cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", "package": "spring-boot", "product_name": "RHPAM 7.13.4 async", "release_date": "2023-09-05T00:00:00Z"}], "bugzilla": {"description": "spring-boot: Spring Boot Welcome Page DoS Vulnerability", "id": "2209342", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209342"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.", "A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the application being deployed behind a proxy that caches 404 responses. This issue may cause a denial of service (DoS) attack."], "name": "CVE-2023-20883", "package_state": [{"cpe": "cpe:/a:redhat:a_mq_clients:2", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "A-MQ Clients 2"}, {"cpe": "cpe:/a:redhat:migration_toolkit_runtimes:1", "fix_state": "Affected", "package_name": "spring-boot", "product_name": "Migration Toolkit for Runtimes"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "log4j:2/log4j", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "log4j", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:integration:1", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Integration Camel K"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss A-MQ 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "spring-boot", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform 8"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "spring-boot", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Out of support scope", "package_name": "spring-boot", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "package_name": "spring-boot", "product_name": "Red Hat support for Spring Boot"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Not affected", "package_name": "spring-boot", "product_name": "streams for Apache Kafka"}], "public_date": "2023-05-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-20883\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-20883"], "threat_severity": "Important", "upstream_fix": "spring-boot 3.0.7, spring-boot 2.7.12, spring-boot 2.6.15, spring-boot 2.5.15"}