CVERadar

CVE-2024-22262

Medium Severity
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.03359/1

CVE-2024-22262 is a critical security vulnerability affecting applications that use UriComponentsBuilder to parse externally supplied URLs; it can lead to open redirect or SSRF attacks. The issue arises when validation checks on the parsed URL's host are performed only after parsing, leaving the application exposed. Although the CVSS score of 0 suggests a low base severity, the SOCRadar Vulnerability Risk Score (SVRS) of 30 indicates a moderate level of risk based on real-world exploitability. This CVE is related to CVE-2024-22259 and CVE-2024-22243 and differs from them only in the input method. Successful exploitation could allow attackers to redirect users to malicious sites or to perform server-side request forgery. Despite the low CVSS score, organizations should investigate and apply the relevant patches or mitigations, especially where their applications handle external URLs extensively. The vulnerability is significant because it can bypass common security measures and lead to serious consequences.

In The Wild
2024-04-16

2025-02-13

SOCRadar AI Insight

Description

CVE-2024-22262 is a vulnerability with a CVSS score of 0, indicating a low severity. However, SOCRadar's SVRS assigns it a score of 30, highlighting the potential for exploitation. This discrepancy stems from SOCRadar's integration of additional intelligence sources, including social media, news, and dark web data.

Key Insights

  • Active Exploitation: The vulnerability is actively exploited in the wild, posing an immediate threat to organizations.
  • Low CVSS Score: The CVSS score of 0 may underestimate the severity of the vulnerability, as it does not consider the broader context and intelligence gathered by SOCRadar.
  • SVRS Score of 30: The SVRS score of 30 indicates a moderate level of risk, warranting attention and prompt mitigation.
  • Threat Actors: Specific threat actors or APT groups exploiting this vulnerability have not been identified at this time.

Mitigation Strategies

  • Apply Software Updates: Install the latest software updates from the vendor to patch the vulnerability.
  • Enable Intrusion Detection Systems (IDS): Configure IDS to detect and block malicious activity targeting the vulnerable software.
  • Restrict Network Access: Limit network access to critical systems and services to reduce the attack surface.
  • Educate Users: Train users on security best practices, such as avoiding suspicious links and attachments.


Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-22262 | Vmware Spring Framework up to 5.3.33/6.0.18/6.1.5 URL Parser UriComponentsBuilder redirect
vuldb.com, 2025-04-06
A vulnerability was found in Vmware Spring Framework up to 5.3.33/6.0.18/6.1.5 and classified as problematic. This issue affects the function UriComponentsBuilder of the component URL Parser. The manipulation leads to open redirect. The identification of this vulnerability is CVE-2024-22262. The attack

Atlassian Data Center & Server Flaw Let Hackers Execute Arbitrary Code
Guru Baran, cybersecuritynews.com, 2024-07-17
Atlassian, a leading provider of collaboration and productivity software, has released critical security updates addressing multiple high-severity vulnerabilities in its Data Center and Server products. If exploited, these vulnerabilities could allow attackers to execute arbitrary code on affected systems. The most severe of these vulnerabilities, CVE-2024-21687, has a high CVSS score of 8.1 out of […]

Vulnerability Recap 6/24/24 – Patch Highlights Across Platforms
Maine Basan, eSecurity Planet, 2024-06-24
Major platforms performed recent fixes to address critical vulnerabilities. Patch your systems now. In last week's vulnerability news, major companies performed recent patches to resolve critical vulnerabilities across various software and hardware platforms. Microsoft addressed a remote code execution issue. ASUS fixed authentication bypass
Related CVEs: CVE-2024-22243, CVE-2024-37081, CVE-2024-22259, CVE-2024-22257

Atlassian fixed six high-severity bugs in Confluence Data Center and Server
Pierluigi Paganini, securityaffairs.co, 2024-06-20
Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-severity vulnerabilities in Confluence, Crucible, and Jira products. The most severe issue addressed by the company is an improper authorization org.springframework.security:spring-security-core dependency in Confluence Data Center and Server. The flaw tracked as CVE-2024-22257 […]

Social Media

No tweets found for this CVE

Affected Software

No affected software found for this CVE

References

Source: [email protected]
  https://spring.io/security/cve-2024-22262
  https://security.netapp.com/advisory/ntap-20240524-0003/

Source: AF854A3A-2127-422B-91AE-364DA2661108
  https://security.netapp.com/advisory/ntap-20240524-0003/
  https://spring.io/security/cve-2024-22262

CWE Details

CWE-918: Server-Side Request Forgery (SSRF)
  The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
  A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
