CVE-2018-15801Insufficient Verification of Data Authenticity in BY Pivotal Spring Security

CWE-345Insufficient Verification of Data Authenticity4 documents4 sources
Severity
7.4HIGHNVD
EPSS
0.1%
top 68.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Spring BY Pivotal Spring SecurityVmware Spring Framework
Timeline
PublishedDec 19
Latest updateDec 20

Description

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages2 packages

CVEListV5spring_by_pivotal/spring_security5.1.x5.1.2
NVDvmware/spring_framework5.1.05.1.2

🔴Vulnerability Details

3
OSV
Spring Security vulnerable to Authorization Bypass2018-12-20
GHSA
Spring Security vulnerable to Authorization Bypass2018-12-20
CVEList
Authorization Bypass During JWT Issuer Validation with spring-security2018-12-19
CVE-2018-15801 — HIGH severity | cvebase