Vmware Spring Security Vulnérabilités

Chronologie

Version

5.7.06
5.7.16
5.7.26
5.7.36
5.7.46

Contre-mesures

Official Fix17
Temporary Fix0
Workaround0
Unavailable0
Not Defined1

Exploitabilité

High0
Functional0
Proof-of-Concept2
Unproven1
Not Defined15

Vecteur d'accès

Not Defined0
Physical0
Local1
Adjacent3
Network14

Authentification

Not Defined0
High3
Low5
None10

Interaction de l'utilisateur

Not Defined0
Required0
None18

C3BM Index

L'année dernière

CVSSv3 Base

≤10
≤20
≤31
≤40
≤53
≤64
≤74
≤85
≤91
≤100

CVSSv3 Temp

≤10
≤21
≤30
≤40
≤54
≤63
≤76
≤83
≤91
≤100

VulDB

≤10
≤20
≤32
≤41
≤54
≤66
≤70
≤85
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤80
≤92
≤103

CNA

≤10
≤20
≤30
≤40
≤51
≤60
≤70
≤82
≤91
≤101

Fournisseur

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k0
<2k1
<5k2
<10k5
<25k8
<50k2
<100k0
≥100k0

Exploiter aujourd'hui

<1k12
<2k1
<5k5
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter le volume du marché

L'année dernière

🔴 CTI Activités

Affected Versions (101): 2, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.5, 2.5.1, 3.1, 3.1.1, 3.1.2, 5.0, 5.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.3, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.3.5, 5.3.6, 5.3.7, 5.3.8, 5.3.9, 5.4, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.5, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.6, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.11, 5.7, 5.7.1, 5.7.2, 5.7.3, 5.7.4, 5.7.5, 5.7.6, 5.7.7, 5.7.8, 5.7.9, 5.7.11, 5.8, 5.8.1, 5.8.2, 5.8.3, 5.8.4, 5.8.5, 5.8.6, 5.8.7, 5.8.8, 5.8.9, 6, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.2, 6.2.1, 6.2.2

Link to Product Website: https://www.vmware.com/

PubliéBaseTempVulnérabilité0dayAujourd'huiExpConCTICVE
18/03/20247.77.6Vmware Spring Security AuthenticatedVoter elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2024-22257
20/02/20246.56.4VMware Spring Security AuthenticationTrustResolver.isFullyAuthenticated elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2024-22234
06/02/20244.24.2VMware Spring Security spring-security.xsd elévation de privilèges$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34042
19/07/20238.78.6Vmware Spring Security WebFlux elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34034
18/07/20237.37.1Vmware Spring Security Authorization Rule elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2023-34035
20/04/20236.46.4VMware Spring Security Logout authentification faible$5k-$25k$0-$5kNot DefinedOfficial Fix0.03CVE-2023-20862
01/11/20227.27.1VMware Spring Security Dispatcher Type authorizeHttpRequests elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-31692
01/11/20226.86.7VMware Spring Security elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.02CVE-2022-31690
20/05/20222.22.0Vmware Spring Security Encoder BCrypt buffer overflow$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.03CVE-2022-22976
20/05/20227.37.0Vmware Spring Security Regular Expression RegexRequestMatcher elévation de privilèges$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2022-22978

8 plus d'entrées ne sont pas affichées

🔒 Login Required

You need to signup and login to see more of the remaining 8 results.

plus d'entrées par Vmware

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!