Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 21/04/2022 Updated: 08/08/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 357

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

<Issue Description> Spring Security OAuth versions 2.5.x before 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pivotal spring security oauth
oracle communications design studio 7.4.2

NVD-CWE-noinfo https://tanzu.vmware.com/security/cve-2022-22969 https://www.oracle.com/security-alerts/cpujul2022.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-22969

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect