Vmware Spring Security Уязвимости

Временная шкала

Версия

5.7.0	6
5.7.1	6
5.7.2	6
5.7.3	6
5.7.4	6

Устранение последствий

Official Fix	17
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	1

Эксплуатационная пригодность

High	0
Functional	0
Proof-of-Concept	2
Unproven	1
Not Defined	15

Вектор доступа

Not Defined	0
Physical	0
Local	1
Adjacent	3
Network	14

Аутентификация

Not Defined	0
High	3
Low	5
None	10

Взаимодействие с пользователем

Not Defined	0
Required	0
None	18

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	0
≤5	3
≤6	4
≤7	4
≤8	5
≤9	1
≤10	0

CVSSv3 Temp

≤1	0
≤2	1
≤3	0
≤4	0
≤5	4
≤6	3
≤7	6
≤8	3
≤9	1
≤10	0

VulDB

≤1	0
≤2	0
≤3	2
≤4	1
≤5	4
≤6	6
≤7	0
≤8	5
≤9	0
≤10	0

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	1
≤7	0
≤8	0
≤9	2
≤10	3

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	0
≤7	0
≤8	2
≤9	1
≤10	1

Поставщик

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Эксплойт 0-дня

<1k	0
<2k	1
<5k	2
<10k	5
<25k	8
<50k	2
<100k	0
≥100k	0

Эксплойт сегодня

<1k	11
<2k	2
<5k	5
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (101): 2, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.5, 2.5.1, 3.1, 3.1.1, 3.1.2, 5.0, 5.1, 5.2, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.2.6, 5.2.7, 5.2.8, 5.2.9, 5.3, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.3.5, 5.3.6, 5.3.7, 5.3.8, 5.3.9, 5.4, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.5, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.6, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.11, 5.7, 5.7.1, 5.7.2, 5.7.3, 5.7.4, 5.7.5, 5.7.6, 5.7.7, 5.7.8, 5.7.9, 5.7.11, 5.8, 5.8.1, 5.8.2, 5.8.3, 5.8.4, 5.8.5, 5.8.6, 5.8.7, 5.8.8, 5.8.9, 6, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.2, 6.2.1, 6.2.2

Link to Product Website: https://www.vmware.com/

Опубликовано	Base	Temp	Уязвимости	0day	Сегодня	Э�	Rem	CTI	CVE
18.03.2024	7.7	7.6	Vmware Spring Security AuthenticatedVoter эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2024-22257
20.02.2024	6.5	6.4	VMware Spring Security AuthenticationTrustResolver.isFullyAuthenticated эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2024-22234
06.02.2024	4.2	4.2	VMware Spring Security spring-security.xsd эскалация привилегий	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-34042
19.07.2023	8.7	8.6	Vmware Spring Security WebFlux эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-34034
18.07.2023	7.3	7.1	Vmware Spring Security Authorization Rule эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-34035
20.04.2023	6.4	6.4	VMware Spring Security Logout слабая аутентификация	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-20862
01.11.2022	7.2	7.1	VMware Spring Security Dispatcher Type authorizeHttpRequests эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-31692
01.11.2022	6.8	6.7	VMware Spring Security эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-31690
20.05.2022	2.2	2.0	Vmware Spring Security Encoder BCrypt повреждение памяти	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.05	CVE-2022-22976
20.05.2022	7.3	7.0	Vmware Spring Security Regular Expression RegexRequestMatcher эскалация привилегий	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-22978

8 больше записей не показано

🔒 Login Required

You need to signup and login to see more of the remaining 8 results.

больше записей по Vmware

◂ ПредыдущийОбзорДалее ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!