Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-15801

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer.

Published

2018-12-19T22:29:00.593

Last Modified

2024-11-21T03:51:28.643

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.4 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

4.9

Weaknesses

Type: Primary
CWE-345

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	vmware	spring_framework	< 5.1.2	Yes

References

https://pivotal.io/security/cve-2018-15801 Vendor Advisory ([email protected])
https://pivotal.io/security/cve-2018-15801 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)