Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2014-3527

Good to know:

icon

Date: May 25, 2017

When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the HttpServletRequest which is populated based upon untrusted information within the HTTP request. This means if there are access control restrictions on which CAS services can authenticate to one another, those restrictions can be bypassed. If users are not using CAS Proxy tickets and not basing access control decisions based upon the CAS Service, then there is no impact to users.

Language: Java

Severity Score

Related Resources (6)

https://pivotal.io/security/cve-2014-3527
https://github.com/spring-projects/spring-security/commit/934937d9c1dc20c396b96c08310b72cfa627acb
https://nvd.nist.gov/vuln/detail/CVE-2014-3527
https://github.com/spring-projects/spring-security
https://github.com/spring-projects/spring-security/issues/2907
https://www.mend.io/vulnerability-database/CVE-2014-3527

Severity Score

Weakness Type (CWE)

Authentication Issues

CWE-287

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us