Spring Security Schwachstellen

Zeitverlauf

Version

2.0.09
2.0.19
2.0.29
2.0.38
2.0.48

Massnahmen

Official Fix31
Temporary Fix0
Workaround0
Unavailable0
Not Defined4

Ausnutzbarkeit

High0
Functional0
Proof-of-Concept2
Unproven1
Not Defined32

Zugriffsart

Not Defined0
Physical0
Local1
Adjacent3
Network31

Authentisierung

Not Defined0
High3
Low8
None24

Benutzeraktivität

Not Defined0
Required1
None34

C3BM Index

Vergangenes Jahr

CVSSv3 Base

≤10
≤20
≤31
≤40
≤54
≤68
≤77
≤811
≤94
≤100

CVSSv3 Temp

≤10
≤21
≤30
≤40
≤56
≤66
≤710
≤89
≤93
≤100

VulDB

≤10
≤20
≤32
≤42
≤54
≤610
≤75
≤812
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤65
≤72
≤84
≤96
≤106

CNA

≤10
≤20
≤30
≤42
≤53
≤60
≤70
≤82
≤91
≤103

Hersteller

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploit 0-day

<1k1
<2k12
<5k7
<10k5
<25k8
<50k2
<100k0
≥100k0

Exploit heute

<1k28
<2k2
<5k5
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploitmarktvolumen

Vergangenes Jahr

🔴 CTI Aktivitäten

Affected Versions (193): 0.9.0.RELEASE, 1, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 2, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9, 2.0.11, 2.0.12, 2.0.13, 2.0.14, 2.0.15, 2.0.16, 2.0.17, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.2, 2.2.1, 2.2.2, 2.2.3, 2.2.4, 2.3, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.5, 2.5.1, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.2.5, 3.2.6, 3.2.7, 3.2.8, 3.2.9, 4.0, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.2, 4.2.1, 4.2.2, 4.2.2.RELEASE, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.2.15, 5, 5.0, 5.0.0.M1, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 5.0.7, 5.0.8, 5.0.9, 5.0.11, 5.0.12, 5.0.13, 5.0.14, 5.0.15, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7, 5.1.8, 5.1.9, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.3, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.3.5, 5.3.6, 5.3.7, 5.3.8, 5.3.9, 5.4, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.5, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.6, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.11, 5.7, 5.7.1, 5.7.2, 5.7.3, 5.7.4, 5.7.5, 5.7.6, 5.7.7, 5.7.8, 5.7.9, 5.7.11, 5.8, 5.8.1, 5.8.2, 5.8.3, 5.8.4, 5.8.5, 5.8.6, 5.8.7, 5.8.8, 5.8.9, 6, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.2, 6.2.1, 6.2.2

Link to Product Website: https://www.vmware.com/

VeröffentlichtBaseTempSchwachstelle0dayHeuteAusMasCTICVE
18.03.20247.77.6Vmware Spring Security AuthenticatedVoter erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2024-22257
20.02.20246.56.4VMware Spring Security AuthenticationTrustResolver.isFullyAuthenticated erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2024-22234
06.02.20244.24.2VMware Spring Security spring-security.xsd erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34042
16.10.20235.25.2WebAuthn4J Spring Security Core schwache Authentisierung$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2023-45669
19.07.20238.78.6Vmware Spring Security WebFlux erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34034
18.07.20237.37.1Vmware Spring Security Authorization Rule erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34035
20.04.20236.46.4VMware Spring Security Logout schwache Authentisierung$5k-$25k$0-$5kNot DefinedOfficial Fix0.05CVE-2023-20862
24.11.20228.78.6Grails Spring Security Core Plugin erweiterte Rechte$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-41923
01.11.20227.27.1VMware Spring Security Dispatcher Type authorizeHttpRequests erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-31692
01.11.20226.86.7VMware Spring Security erweiterte Rechte$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-31690

25 weitere Einträge werden nicht mehr angezeigt

🔒 Login Required

You need to signup and login to see more of the remaining 25 results.

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!