Lucene search
PRIOn knowledge basePRION:CVE-2022-22969HistoryApr 21, 2022 - 7:15 p.m.
Authorization
2022-04-2119:15:00
PRIOn knowledge base
www.prio-n.com
4
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
| CPE | Name | Operator | Version |
|---|---|---|---|
| communications_design_studio | eq | 7.4.2 | |
| spring_security_oauth | ge | 2.5.0 | |
| spring_security_oauth | lt | 2.5.2 |
Related
veracode
veracode
Denial Of Service (DoS)
2022-04-22 01:30:09
spring
spring
CVE report published for Spring Security OAuth
2022-04-21 09:00:00
osv
osv
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
CVE-2022-22969
2022-04-21 19:15:08
cnvd
cnvd
Pivotal Spring Security Oauth Resource Management Error Vulnerability
2022-04-24 00:00:00
cve
cve
CVE-2022-22969
2022-04-21 19:15:08
cvelist
cvelist
CVE-2022-22969
2022-04-21 18:16:02
ibm
ibm
nvd
nvd
CVE-2022-22969
2022-04-21 19:15:08
github
github
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
jvn
jvn
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00