All the vulnerabilites related to spring - spring security
cve-2019-3795
Vulnerability from cvelistv5
Published
2019-04-09 15:29
Modified
2024-09-17 00:02
Severity ?
EPSS score ?
Summary
Insecure Randomness When Using a SecureRandom Instance Constructed by Spring Security
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2019-3795 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107802 | vdb-entry, x_refsource_BID | |
| https://lists.debian.org/debian-lts-announce/2019/05/msg00026.html | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Spring | Spring Security |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2019-3795"
},
{
"name": "107802",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107802"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1794-1] libspring-security-2.0-java security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spring Security",
"vendor": "Spring",
"versions": [
{
"lessThan": "5.0.11.RELEASE",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "5.1.4.RELEASE",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"lessThan": "4.2.11.RELEASE",
"status": "affected",
"version": "4.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-20T05:06:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2019-3795"
},
{
"name": "107802",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107802"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1794-1] libspring-security-2.0-java security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00026.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Randomness When Using a SecureRandom Instance Constructed by Spring Security",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"DATE_PUBLIC": "2019-04-04T18:01:40.000Z",
"ID": "CVE-2019-3795",
"STATE": "PUBLIC",
"TITLE": "Insecure Randomness When Using a SecureRandom Instance Constructed by Spring Security"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Security",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "5.0",
"version_value": "5.0.11.RELEASE"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "5.1",
"version_value": "5.1.4.RELEASE"
},
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "4.2",
"version_value": "4.2.11.RELEASE"
}
]
}
}
]
},
"vendor_name": "Spring"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-330: Use of Insufficiently Random Values"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2019-3795",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2019-3795"
},
{
"name": "107802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107802"
},
{
"name": "[debian-lts-announce] 20190520 [SECURITY] [DLA 1794-1] libspring-security-2.0-java security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00026.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2019-3795",
"datePublished": "2019-04-09T15:29:02.127885Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-17T00:02:03.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11272
Vulnerability from cvelistv5
Published
2019-06-26 14:06
Modified
2024-09-16 19:25
Severity ?
EPSS score ?
Summary
PlaintextPasswordEncoder authenticates encoded passwords that are null
References
| ▼ | URL | Tags |
|---|---|---|
| https://pivotal.io/security/cve-2019-11272 | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2019/07/msg00008.html | mailing-list, x_refsource_MLIST |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Spring | Spring Security |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:09.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://pivotal.io/security/cve-2019-11272"
},
{
"name": "[debian-lts-announce] 20190709 [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spring Security",
"vendor": "Spring",
"versions": [
{
"lessThan": "4.2.13.RELEASE",
"status": "affected",
"version": "4.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of \"null\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-09T08:06:02",
"orgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"shortName": "pivotal"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://pivotal.io/security/cve-2019-11272"
},
{
"name": "[debian-lts-announce] 20190709 [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00008.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PlaintextPasswordEncoder authenticates encoded passwords that are null",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2019-06-20T20:19:44.000Z",
"ID": "CVE-2019-11272",
"STATE": "PUBLIC",
"TITLE": "PlaintextPasswordEncoder authenticates encoded passwords that are null"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Security",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_name": "4.2",
"version_value": "4.2.13.RELEASE"
}
]
}
}
]
},
"vendor_name": "Spring"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of \"null\"."
}
]
},
"impact": null,
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287: Improper Authentication - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2019-11272",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2019-11272"
},
{
"name": "[debian-lts-announce] 20190709 [SECURITY] [DLA 1848-1] libspring-security-2.0-java security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00008.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "862b2186-222f-48b9-af87-f1fb7bb26d03",
"assignerShortName": "pivotal",
"cveId": "CVE-2019-11272",
"datePublished": "2019-06-26T14:06:15.312137Z",
"dateReserved": "2019-04-18T00:00:00",
"dateUpdated": "2024-09-16T19:25:59.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-22234
Vulnerability from cvelistv5
Published
2024-02-20 07:02
Modified
2024-08-01 22:43
Severity ?
EPSS score ?
Summary
CVE-2024-22234: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Spring | Spring Security |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_security:6.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "spring_security",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.7",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:spring_security:6.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "spring_security",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.2.2",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22234",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T19:46:52.509563Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T17:21:05.285Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22234"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240315-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Spring Security",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.1.7",
"status": "affected",
"version": "6.1.x",
"versionType": "6.1.7"
},
{
"lessThan": "6.2.2",
"status": "affected",
"version": "6.2.x",
"versionType": "6.2.2"
}
]
}
],
"datePublic": "2024-02-19T08:59:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the \u003ccode\u003eAuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u003c/code\u003e\u0026nbsp;method.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable if:\u003c/p\u003e\u003cul\u003e\u003cli\u003eThe application uses \u003ccode\u003eAuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u003c/code\u003e\u0026nbsp;directly and a \u003ccode\u003enull\u003c/code\u003e\u0026nbsp;authentication parameter is passed to it resulting in an erroneous \u003ccode\u003etrue\u003c/code\u003e\u0026nbsp;return value.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eAn application is not vulnerable if any of the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003eThe application does not use \u003ccode\u003eAuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u003c/code\u003e\u0026nbsp;directly.\u003c/li\u003e\u003cli\u003eThe application does not pass \u003ccode\u003enull\u003c/code\u003e\u0026nbsp;to \u003ccode\u003eAuthenticationTrustResolver.isFullyAuthenticated\u003c/code\u003e\u003c/li\u003e\u003cli\u003eThe application only uses \u003ccode\u003eisFullyAuthenticated\u003c/code\u003e\u0026nbsp;via \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html\"\u003eMethod Security\u003c/a\u003e\u0026nbsp;or \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html\"\u003eHTTP Request Security\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0method.\n\nSpecifically, an application is vulnerable if:\n\n * The application uses AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0directly and a null\u00a0authentication parameter is passed to it resulting in an erroneous true\u00a0return value.\n\n\nAn application is not vulnerable if any of the following is true:\n\n * The application does not use AuthenticationTrustResolver.isFullyAuthenticated(Authentication)\u00a0directly.\n * The application does not pass null\u00a0to AuthenticationTrustResolver.isFullyAuthenticated\n * The application only uses isFullyAuthenticated\u00a0via Method Security https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html \u00a0or HTTP Request Security https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html \n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-20T07:02:50.873Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22234"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240315-0003/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22234: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22234",
"datePublished": "2024-02-20T07:02:50.873Z",
"dateReserved": "2024-01-08T16:40:16.141Z",
"dateUpdated": "2024-08-01T22:43:33.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-38810
Vulnerability from cvelistv5
Published
2024-08-20 03:35
Modified
2024-08-20 13:34
Severity ?
EPSS score ?
Summary
Missing Authorization When Using @AuthorizeReturnObject
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| spring | spring security |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38810",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T13:34:39.309830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T13:34:50.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "spring security",
"vendor": "spring",
"versions": [
{
"lessThan": "6.3.2",
"status": "affected",
"version": "6.3.x",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch1\u003eMissing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security annotations inaffective.\u003cbr\u003e\u003c/h1\u003e\u003cbr\u003e"
}
],
"value": "Missing Authorization When Using @AuthorizeReturnObject in Spring Security 6.3.0 and 6.3.1 allows attacker to render security annotations inaffective."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T03:35:24.795Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38810"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Missing Authorization When Using @AuthorizeReturnObject",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38810",
"datePublished": "2024-08-20T03:35:24.795Z",
"dateReserved": "2024-06-19T22:31:57.187Z",
"dateUpdated": "2024-08-20T13:34:50.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}