CVE-2024-22257 (GCVE-0-2024-22257)

Vulnerability from cvelistv5 – Published: 2024-03-18 14:18 – Updated: 2025-02-13 17:33
VLAI
Summary
In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.
Severity
8.2 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • Possible Broken Access Control in Spring Security With Direct Use of AuthenticatedVoter
  • CWE-862 - Missing Authorization
Assigner
References
Impacted products
Vendor Product Version
N/A Spring Security Affected: 6.2.0 to 6.2.2, 6.1.0 to 6.1.7, 6.0.0 to 6.0.9, 5.8.0 to 5.8.10, 5.7.0 to 5.7.11
Create a notification for this product.
pivotal_software spring_security Affected: 5.7.0 , ≤ 5.7.11 (custom)
Affected: 5.8.0 , ≤ 5.8.10 (custom)
Affected: 6.0.0 , ≤ 6.0.9 (custom)
Affected: 6.1.0 , ≤ 6.1.7 (custom)
Affected: 6.2.0 , ≤ 6.2.2 (custom)
    cpe:2.3:a:pivotal_software:spring_security:5.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:pivotal_software:spring_security:5.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:pivotal_software:spring_security:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:pivotal_software:spring_security:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:pivotal_software:spring_security:6.2.0:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:pivotal_software:spring_security:5.7.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:pivotal_software:spring_security:5.8.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:pivotal_software:spring_security:6.0.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:pivotal_software:spring_security:6.1.0:*:*:*:*:*:*:*",
              "cpe:2.3:a:pivotal_software:spring_security:6.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "spring_security",
            "vendor": "pivotal_software",
            "versions": [
              {
                "lessThanOrEqual": "5.7.11",
                "status": "affected",
                "version": "5.7.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "5.8.10",
                "status": "affected",
                "version": "5.8.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.0.9",
                "status": "affected",
                "version": "6.0.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.1.7",
                "status": "affected",
                "version": "6.1.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "6.2.2",
                "status": "affected",
                "version": "6.2.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22257",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T15:22:14.458591Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T15:32:11.373Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:43:34.618Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://spring.io/security/cve-2024-22257"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240419-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Spring Security",
          "vendor": "N/A",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.0 to 6.2.2, 6.1.0 to 6.1.7, 6.0.0 to 6.0.9, 5.8.0 to 5.8.10, 5.7.0 to 5.7.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \nbroken access control when it directly uses the \u003ccode\u003eAuthenticatedVoter#vote\u003c/code\u003e passing a \u003ccode\u003enull\u003c/code\u003e Authentication parameter."
            }
          ],
          "value": "In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \nbroken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Possible Broken Access Control in Spring Security With Direct Use of AuthenticatedVoter",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-19T07:05:54.309Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2024-22257"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240419-0005/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2024-22257",
    "datePublished": "2024-03-18T14:18:52.986Z",
    "dateReserved": "2024-01-08T18:43:15.942Z",
    "dateUpdated": "2025-02-13T17:33:39.030Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-22257",
      "date": "2026-06-19",
      "epss": "0.00776",
      "percentile": "0.50997"
    },
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \\n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \\nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \\nbroken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"En Spring Security, versiones 5.7.x anteriores a 5.7.12, 5.8.x anteriores a 5.8.11, versiones 6.0.x anteriores a 6.0.9, versiones 6.1.x anteriores a 6.1.8, versiones 6.2.x anteriores a 6.2 .3, una aplicaci\\u00f3n es posiblemente vulnerable a un control de acceso roto cuando utiliza directamente el voto Autenticado#voto pasando un par\\u00e1metro de autenticaci\\u00f3n nulo.\"}]",
      "id": "CVE-2024-22257",
      "lastModified": "2024-11-21T08:55:54.403",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.2}]}",
      "published": "2024-03-18T15:15:41.790",
      "references": "[{\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0005/\", \"source\": \"security@vmware.com\"}, {\"url\": \"https://spring.io/security/cve-2024-22257\", \"source\": \"security@vmware.com\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0005/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://spring.io/security/cve-2024-22257\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-862\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22257\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-03-18T15:15:41.790\",\"lastModified\":\"2025-02-13T18:16:47.687\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \\n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \\nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \\nbroken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.\"},{\"lang\":\"es\",\"value\":\"En Spring Security, versiones 5.7.x anteriores a 5.7.12, 5.8.x anteriores a 5.8.11, versiones 6.0.x anteriores a 6.0.9, versiones 6.1.x anteriores a 6.1.8, versiones 6.2.x anteriores a 6.2 .3, una aplicaci\u00f3n es posiblemente vulnerable a un control de acceso roto cuando utiliza directamente el voto Autenticado#voto pasando un par\u00e1metro de autenticaci\u00f3n nulo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"references\":[{\"url\":\"https://security.netapp.com/advisory/ntap-20240419-0005/\",\"source\":\"security@vmware.com\"},{\"url\":\"https://spring.io/security/cve-2024-22257\",\"source\":\"security@vmware.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240419-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://spring.io/security/cve-2024-22257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://spring.io/security/cve-2024-22257\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0005/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:43:34.618Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22257\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-12T15:22:14.458591Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:pivotal_software:spring_security:5.7.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:pivotal_software:spring_security:5.8.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:pivotal_software:spring_security:6.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:pivotal_software:spring_security:6.1.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:pivotal_software:spring_security:6.2.0:*:*:*:*:*:*:*\"], \"vendor\": \"pivotal_software\", \"product\": \"spring_security\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.7.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.7.11\"}, {\"status\": \"affected\", \"version\": \"5.8.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.8.10\"}, {\"status\": \"affected\", \"version\": \"6.0.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.0.9\"}, {\"status\": \"affected\", \"version\": \"6.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.1.7\"}, {\"status\": \"affected\", \"version\": \"6.2.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.2.2\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:18.409Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"N/A\", \"product\": \"Spring Security\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2.0 to 6.2.2, 6.1.0 to 6.1.7, 6.0.0 to 6.0.9, 5.8.0 to 5.8.10, 5.7.0 to 5.7.11\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://spring.io/security/cve-2024-22257\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240419-0005/\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \\n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \\nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \\nbroken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\nIn Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to \\n5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, \\nversions 6.2.x prior to 6.2.3, an application is possible vulnerable to \\nbroken access control when it directly uses the \u003ccode\u003eAuthenticatedVoter#vote\u003c/code\u003e passing a \u003ccode\u003enull\u003c/code\u003e Authentication parameter.\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Possible Broken Access Control in Spring Security With Direct Use of AuthenticatedVoter\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-03-18T14:18:52.986Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-22257\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-12T15:32:11.373Z\", \"dateReserved\": \"2024-01-08T18:43:15.942Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-03-18T14:18:52.986Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.