Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1mM2poLXF2bTQtbWczOc4AA6FU

High CVSS: 8.2 EPSS: 0.00264% (0.49488 Percentile) EPSS:
Permalink JSON

Erroneous authentication pass in Spring Security

Affected Packages Affected Versions Fixed Versions
maven:org.springframework.security:spring-security-core >= 6.2.0, < 6.2.3, >= 6.0.0, < 6.1.8, >= 5.8.0, < 5.8.11, < 5.7.12 6.2.3, 6.1.8, 5.8.11, 5.7.12
1,940 Dependent packages
44,289 Dependent repositories

Affected Version Ranges

All affected versions

2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 3.2.10.RELEASE, 4.2.10.RELEASE, 4.2.11.RELEASE, 4.2.12.RELEASE, 4.2.13.RELEASE, 4.2.14.RELEASE, 4.2.15.RELEASE, 4.2.16.RELEASE, 4.2.17.RELEASE, 4.2.18.RELEASE, 4.2.19.RELEASE, 4.2.20.RELEASE, 5.0.10.RELEASE, 5.0.11.RELEASE, 5.0.12.RELEASE, 5.0.13.RELEASE, 5.0.14.RELEASE, 5.0.15.RELEASE, 5.0.16.RELEASE, 5.0.17.RELEASE, 5.0.18.RELEASE, 5.0.19.RELEASE, 5.1.10.RELEASE, 5.1.11.RELEASE, 5.1.12.RELEASE, 5.1.13.RELEASE, 5.2.10.RELEASE, 5.2.11.RELEASE, 5.2.12.RELEASE, 5.2.13.RELEASE, 5.2.14.RELEASE, 5.2.15.RELEASE, 5.3.10.RELEASE, 5.3.11.RELEASE, 5.3.12.RELEASE, 5.3.13.RELEASE, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.4.7, 5.4.8, 5.4.9, 5.4.10, 5.4.11, 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.5.7, 5.5.8, 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 5.6.12, 5.7.0, 5.7.1, 5.7.2, 5.7.3, 5.7.4, 5.7.5, 5.7.6, 5.7.7, 5.7.8, 5.7.9, 5.7.10, 5.7.11, 5.8.0, 5.8.1, 5.8.2, 5.8.3, 5.8.4, 5.8.5, 5.8.6, 5.8.7, 5.8.8, 5.8.9, 5.8.10, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.2.0, 6.2.1, 6.2.2

All unaffected versions

5.7.12, 5.7.13, 5.7.14, 5.8.11, 5.8.12, 5.8.13, 5.8.14, 5.8.15, 5.8.16, 6.1.8, 6.1.9, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11, 6.4.12, 6.4.13, 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 7.0.0, 7.0.1, 7.0.2

In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.

Specifically, an application is vulnerable if:

The application uses AuthenticatedVoter directly and a null authentication parameter is passed to it resulting in an erroneous true return value.

An application is not vulnerable if any of the following is true:

  • The application does not use AuthenticatedVoter#vote directly.
  • The application does not pass null to AuthenticatedVoter#vote.

Note that AuthenticatedVoter is deprecated since 5.8, use implementations of AuthorizationManager as a replacement.

References:

Identifiers

GHSA-f3jh-qvm4-mg39

CVE-2024-22257

Risk

Severity

High

CVSS

CVSS Score: 8.2

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

EPSS

EPSS Percentage: 0.00264

EPSS Percentile: 0.49488

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/spring-projects/spring-security
View on Ecosyste.ms

Date and time

Published

almost 2 years ago

Updated

3 days ago

API

JSON