CVE-2023-34042 (GCVE-0-2023-34042)

Vulnerability from cvelistv5 – Published: 2024-02-05 22:00 – Updated: 2025-06-03 18:51
VLAI?
Summary
The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical Resource” and could result in an exploit. Users should update to the latest version of Spring Security to mitigate any future exploits found around this issue.
Severity ?
4.1 (Medium)
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
CWE
  • Incorrect Permission Assignment for spring-security.xsd
Assigner
References
Impacted products
Vendor Product Version
N/A Spring Security Affected: Spring Security 6.1.x prior to 6.1.4, Spring Security 6.0.x prior to 6.0.7, Spring Security 5.8.x prior to 5.8.7, Spring Security 5.7.x prior to 5.7.11
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-34042",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-06T16:00:46.931733Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-732",
                "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T18:51:02.797Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-29T12:04:39.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://spring.io/security/cve-2023-34042"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241129-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Spring Security",
          "vendor": "N/A",
          "versions": [
            {
              "status": "affected",
              "version": "Spring Security 6.1.x prior to 6.1.4, Spring Security 6.0.x prior to 6.0.7, Spring Security 5.8.x prior to 5.8.7, Spring Security 5.7.x prior to 5.7.11"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\u003cdiv\u003e\u003cp\u003eThe spring-security.xsd file inside the \nspring-security-config jar is world writable which means that if it were\n extracted it could be written by anyone with access to the file system.\u003c/p\u003e\n\u003cp\u003eWhile there are no known exploits, this is an example of \u201cCWE-732: \nIncorrect Permission Assignment for Critical Resource\u201d and could result \nin an exploit. Users should update to the latest version of Spring \nSecurity to mitigate any future exploits found around this issue.\u003c/p\u003e\u003c/div\u003e\n\n"
            }
          ],
          "value": "The spring-security.xsd file inside the \nspring-security-config jar is world writable which means that if it were\n extracted it could be written by anyone with access to the file system.\n\n\nWhile there are no known exploits, this is an example of \u201cCWE-732: \nIncorrect Permission Assignment for Critical Resource\u201d and could result \nin an exploit. Users should update to the latest version of Spring \nSecurity to mitigate any future exploits found around this issue.\n\n\n\n\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Incorrect Permission Assignment for spring-security.xsd",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-05T22:00:01.075Z",
        "orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
        "shortName": "vmware"
      },
      "references": [
        {
          "url": "https://spring.io/security/cve-2023-34042"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
    "assignerShortName": "vmware",
    "cveId": "CVE-2023-34042",
    "datePublished": "2024-02-05T22:00:01.075Z",
    "dateReserved": "2023-05-25T17:21:56.202Z",
    "dateUpdated": "2025-06-03T18:51:02.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.8.4\", \"versionEndExcluding\": \"5.8.7\", \"matchCriteriaId\": \"C39570F8-3624-4CC5-AFC0-E45B060BDEAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0.4\", \"versionEndExcluding\": \"6.0.7\", \"matchCriteriaId\": \"D26A2C2D-651A-4696-A7EF-36172BDA70FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.1.1\", \"versionEndExcluding\": \"6.1.4\", \"matchCriteriaId\": \"1AA03FA3-ACE0-4B22-B084-DEC834EB2F5A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_security:5.7.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61397AD3-0A8F-4B9A-9B66-E27CA64392A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:vmware:spring_security:5.7.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E23F4313-761C-4A30-A891-156EFF583822\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The spring-security.xsd file inside the \\nspring-security-config jar is world writable which means that if it were\\n extracted it could be written by anyone with access to the file system.\\n\\n\\nWhile there are no known exploits, this is an example of \\u201cCWE-732: \\nIncorrect Permission Assignment for Critical Resource\\u201d and could result \\nin an exploit. Users should update to the latest version of Spring \\nSecurity to mitigate any future exploits found around this issue.\\n\\n\\n\\n\\n\\n\"}, {\"lang\": \"es\", \"value\": \"El archivo spring-security.xsd dentro del jar spring-security-config se puede escribir en todo el mundo, lo que significa que si se extrajera, cualquier persona con acceso al sistema de archivos podr\\u00eda escribirlo. Si bien no se conocen exploits, este es un ejemplo de \\\"CWE-732: Asignaci\\u00f3n de permisos incorrecta para recursos cr\\u00edticos\\\" y podr\\u00eda resultar en un exploit. Los usuarios deben actualizar a la \\u00faltima versi\\u00f3n de Spring Security para mitigar cualquier vulnerabilidad futura que se encuentre en torno a este problema.\"}]",
      "id": "CVE-2023-34042",
      "lastModified": "2024-11-29T12:15:06.273",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@vmware.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 4.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-02-05T22:15:55.210",
      "references": "[{\"url\": \"https://spring.io/security/cve-2023-34042\", \"source\": \"security@vmware.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0010/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://spring.io/security/cve-2023-34042\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@vmware.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-732\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-34042\",\"sourceIdentifier\":\"security@vmware.com\",\"published\":\"2024-02-05T22:15:55.210\",\"lastModified\":\"2025-06-03T19:15:32.450\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The spring-security.xsd file inside the \\nspring-security-config jar is world writable which means that if it were\\n extracted it could be written by anyone with access to the file system.\\n\\n\\nWhile there are no known exploits, this is an example of \u201cCWE-732: \\nIncorrect Permission Assignment for Critical Resource\u201d and could result \\nin an exploit. Users should update to the latest version of Spring \\nSecurity to mitigate any future exploits found around this issue.\\n\\n\\n\\n\\n\\n\"},{\"lang\":\"es\",\"value\":\"El archivo spring-security.xsd dentro del jar spring-security-config se puede escribir en todo el mundo, lo que significa que si se extrajera, cualquier persona con acceso al sistema de archivos podr\u00eda escribirlo. Si bien no se conocen exploits, este es un ejemplo de \\\"CWE-732: Asignaci\u00f3n de permisos incorrecta para recursos cr\u00edticos\\\" y podr\u00eda resultar en un exploit. Los usuarios deben actualizar a la \u00faltima versi\u00f3n de Spring Security para mitigar cualquier vulnerabilidad futura que se encuentre en torno a este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@vmware.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.5,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.8.4\",\"versionEndExcluding\":\"5.8.7\",\"matchCriteriaId\":\"C39570F8-3624-4CC5-AFC0-E45B060BDEAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.4\",\"versionEndExcluding\":\"6.0.7\",\"matchCriteriaId\":\"D26A2C2D-651A-4696-A7EF-36172BDA70FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_security:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.1\",\"versionEndExcluding\":\"6.1.4\",\"matchCriteriaId\":\"1AA03FA3-ACE0-4B22-B084-DEC834EB2F5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_security:5.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61397AD3-0A8F-4B9A-9B66-E27CA64392A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vmware:spring_security:5.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E23F4313-761C-4A30-A891-156EFF583822\"}]}]}],\"references\":[{\"url\":\"https://spring.io/security/cve-2023-34042\",\"source\":\"security@vmware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20241129-0010/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://spring.io/security/cve-2023-34042\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://spring.io/security/cve-2023-34042\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20241129-0010/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-11-29T12:04:39.444Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-34042\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-06T16:00:46.931733Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-732\", \"description\": \"CWE-732 Incorrect Permission Assignment for Critical Resource\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:44.411Z\"}}], \"cna\": {\"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"N/A\", \"product\": \"Spring Security\", \"versions\": [{\"status\": \"affected\", \"version\": \"Spring Security 6.1.x prior to 6.1.4, Spring Security 6.0.x prior to 6.0.7, Spring Security 5.8.x prior to 5.8.7, Spring Security 5.7.x prior to 5.7.11\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://spring.io/security/cve-2023-34042\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The spring-security.xsd file inside the \\nspring-security-config jar is world writable which means that if it were\\n extracted it could be written by anyone with access to the file system.\\n\\n\\nWhile there are no known exploits, this is an example of \\u201cCWE-732: \\nIncorrect Permission Assignment for Critical Resource\\u201d and could result \\nin an exploit. Users should update to the latest version of Spring \\nSecurity to mitigate any future exploits found around this issue.\\n\\n\\n\\n\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\\n\u003cdiv\u003e\u003cp\u003eThe spring-security.xsd file inside the \\nspring-security-config jar is world writable which means that if it were\\n extracted it could be written by anyone with access to the file system.\u003c/p\u003e\\n\u003cp\u003eWhile there are no known exploits, this is an example of \\u201cCWE-732: \\nIncorrect Permission Assignment for Critical Resource\\u201d and could result \\nin an exploit. Users should update to the latest version of Spring \\nSecurity to mitigate any future exploits found around this issue.\u003c/p\u003e\u003c/div\u003e\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Incorrect Permission Assignment for spring-security.xsd\"}]}], \"providerMetadata\": {\"orgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"shortName\": \"vmware\", \"dateUpdated\": \"2024-02-05T22:00:01.075Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-34042\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-03T18:51:02.797Z\", \"dateReserved\": \"2023-05-25T17:21:56.202Z\", \"assignerOrgId\": \"dcf2e128-44bd-42ed-91e8-88f912c1401d\", \"datePublished\": \"2024-02-05T22:00:01.075Z\", \"assignerShortName\": \"vmware\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.