CVE-2024-22259

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://security.netapp.com/advisory/ntap-20240524-0002/	Third Party Advisory
https://spring.io/security/cve-2024-22259	Vendor Advisory
https://security.netapp.com/advisory/ntap-20240524-0002/	Third Party Advisory
https://spring.io/security/cve-2024-22259	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:spring_framework::::::::
	cpe:2.3:a:vmware:spring_framework::::::::
	cpe:2.3:a:vmware:spring_framework::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::

History

No history.

Information

Published : 2024-03-16 05:15

Updated : 2025-06-10 15:55

NVD link : CVE-2024-22259

Mitre link : CVE-2024-22259

CVE.ORG link : CVE-2024-22259

JSON object : View

Products Affected

vmware

spring_framework

netapp

active_iq_unified_manager

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2024-22259", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-03-16T05:15:20.830", "references": [{"url": "https://security.netapp.com/advisory/ntap-20240524-0002/", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://spring.io/security/cve-2024-22259", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://security.netapp.com/advisory/ntap-20240524-0002/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://spring.io/security/cve-2024-22259", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Applications that use UriComponentsBuilder in Spring Framework\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input."}, {"lang": "es", "value": "Las aplicaciones que utilizan UriComponentsBuilder en Spring Framework para analizar una URL proporcionada externamente (por ejemplo, a trav\u00e9s de un par\u00e1metro de consulta) Y realizan comprobaciones de validaci\u00f3n en el host de la URL analizada pueden ser vulnerables a una redirecci\u00f3n abierta https://cwe.mitre.org/data/ definiciones/601.html o a un ataque SSRF si la URL se utiliza despu\u00e9s de pasar las comprobaciones de validaci\u00f3n. Esto es lo mismo que CVE-2024-22243 https://spring.io/security/cve-2024-22243, pero con entradas diferentes."}], "lastModified": "2025-06-10T15:55:48.787", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "265CE42F-68C0-46AD-80E8-382D052833E6", "versionEndExcluding": "5.3.33"}, {"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C1F744C-2328-45FA-BA6F-EAC3AA1E4FC6", "versionEndExcluding": "6.0.18", "versionStartIncluding": "6.0.0"}, {"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4C4F614-8E7A-4FFE-BC70-1728739E8E3C", "versionEndExcluding": "6.1.5", "versionStartIncluding": "6.1.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1"}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "vulnerable": true, "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"}, {"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}