Vulnerability Name:

CVE-2014-1904 (CCN-91890)

Assigned:2014-03-11
Published:2014-03-11
Updated:2019-03-27
Summary:Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Cross-Site Scripting
References:Source: MITRE
Type: CNA
CVE-2014-1904

Source: CONFIRM
Type: Vendor Advisory
http://docs.spring.io/spring/docs/3.2.8.RELEASE/changelog.txt

Source: REDHAT
Type: Third Party Advisory
RHSA-2014:0400

Source: CCN
Type: Bugtraq Mailing List, Tue 11 Mar 2014
CVE-2014-1904 XSS when using Spring MVC

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20140312 CVE-2014-1904 XSS when using Spring MVC

Source: SECUNIA
Type: Permissions Required
57915

Source: CCN
Type: Pivotal Web Site
CVE-2014-1904 XSS when using Spring MVC

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.gopivotal.com/security/cve-2014-1904

Source: CCN
Type: IBM Security Bulletin 1989676 (WebSphere Portal)
Security Vulnerabilities in Spring Framework affect IBM WebSphere Portal

Source: CCN
Type: IBM Security Bulletin 2013753 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities

Source: BUGTRAQ
Type: Broken Link
20140311 CVE-2014-1904 XSS when using Spring MVC

Source: BID
Type: Third Party Advisory, VDB Entry
66137

Source: CCN
Type: BID-66137
Spring Framework 'FormTag.java' Cross Site Scripting Vulnerability

Source: XF
Type: UNKNOWN
spring-mvc-cve20141904-xss(91890)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/spring-projects/spring-framework/commit/741b4b229ae032bd17175b46f98673ce0bd2d485

Source: CONFIRM
Type: Permissions Required
https://jira.springsource.org/browse/SPR-11426

Source: CCN
Type: IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-1904

Vulnerable Configuration:Configuration 1:
  • cpe:/a:pivotal_software:spring_framework:*:*:*:*:*:*:*:* (Version >= 3.0.0 and < 3.2.8)
  • OR cpe:/a:pivotal_software:spring_framework:*:*:*:*:*:*:*:* (Version >= 4.0.0 and < 4.0.2)

  • Configuration CCN 1:
  • cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_big_data_intelligence:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:24431
    P
    DSA-2890-1 libspring-java - security update
    2014-06-23
    oval:com.ubuntu.xenial:def:201419040000000
    V
    CVE-2014-1904 on Ubuntu 16.04 LTS (xenial) - medium.
    2014-03-20
    oval:com.ubuntu.artful:def:20141904000
    V
    CVE-2014-1904 on Ubuntu 17.10 (artful) - medium.
    2014-03-20
    oval:com.ubuntu.xenial:def:20141904000
    V
    CVE-2014-1904 on Ubuntu 16.04 LTS (xenial) - medium.
    2014-03-20
    oval:com.ubuntu.bionic:def:20141904000
    V
    CVE-2014-1904 on Ubuntu 18.04 LTS (bionic) - medium.
    2014-03-20
    oval:com.ubuntu.precise:def:20141904000
    V
    CVE-2014-1904 on Ubuntu 12.04 LTS (precise) - medium.
    2014-03-20
    oval:com.ubuntu.bionic:def:201419040000000
    V
    CVE-2014-1904 on Ubuntu 18.04 LTS (bionic) - medium.
    2014-03-20
    oval:com.ubuntu.trusty:def:20141904000
    V
    CVE-2014-1904 on Ubuntu 14.04 LTS (trusty) - medium.
    2014-03-20
    BACK
    pivotal_software spring framework *
    pivotal_software spring framework *
    ibm websphere portal 8.0
    ibm websphere portal 8.5
    ibm security identity governance and intelligence 5.2
    ibm security identity governance and intelligence 5.2.1
    ibm security guardium big data intelligence 3.1
    ibm security identity governance and intelligence 5.2.2
    ibm security identity governance and intelligence 5.2.2.1
    ibm security identity governance and intelligence 5.2.3
    ibm security identity governance and intelligence 5.2.3.1
    ibm security identity governance and intelligence 5.2.3.2
    ibm security identity governance and intelligence 5.2.4
    ibm security identity governance and intelligence 5.2.4.1