CVE-2022-31692

CRITICAL

VMware Spring Security 5.6 < 5.6.9, 5.7 < 5.7.5 - Authorization Bypass via Forward/Include Dispatcher Types

Title source: rule

Description

Spring Security versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to an authorization rules bypass via the forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true:

- The application expects Spring Security to apply security to forward and include dispatcher types.
- The application uses the AuthorizationFilter, either manually or via the authorizeHttpRequests() method.
- The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include).
- The application may forward or include the request to a higher privilege-secured endpoint.
- The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true).

In that configuration a request that satisfies the rules for its original URL and is then forwarded or included to a more privileged endpoint is not re-authorized against the rules for the target URL, so the original request's lower privilege is enough to reach the higher-privilege handler. Spring Boot's default value of spring.security.filter.dispatcher-types (request, error, async) does not include forward or include, so only applications that explicitly opted in and rely on that protection are affected; the fix is to upgrade to 5.7.5 or 5.6.9.
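
Added example, not from this advisory, from the exploit repositories listed on this page, or from the Spring Security project: a minimal Spring Boot 2.7 application wired the way the conditions above describe (dispatcher types including forward and include, authorizeHttpRequests() with shouldFilterAllDispatcherTypes(true), and a public endpoint that forwards to an admin-only endpoint), followed by an integration test that calls the public endpoint anonymously and expects the forwarded dispatch to be rejected. On a fixed release (5.7.5, 5.6.9) the test passes; on an affected release the forward reaches the admin handler and the test fails, which makes it a usable regression check after upgrading. The package name, the /report and /admin/report paths, the in-memory admin user and the dependency on spring-boot-starter-security and spring-boot-starter-test are assumptions; the test class is shown in the same listing but belongs in src/test/java.

```java
// src/main/resources/application.properties (Spring Boot 2.7), the advisory's
// opt-in that runs the security filter chain on FORWARD and INCLUDE dispatches:
//
//   spring.security.filter.dispatcher-types=request,error,async,forward,include
//
// src/main/java/example/cve202231692/ForwardDemoApplication.java
package example.cve202231692; // hypothetical package name

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.web.client.TestRestTemplate;
import org.springframework.context.annotation.Bean;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.junit.jupiter.api.Test;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;

@SpringBootApplication
public class ForwardDemoApplication {

    public static void main(String[] args) {
        SpringApplication.run(ForwardDemoApplication.class, args);
    }

    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http
            .authorizeHttpRequests(auth -> auth
                // Advisory condition: apply the AuthorizationFilter to every dispatcher type.
                .shouldFilterAllDispatcherTypes(true)
                .antMatchers("/admin/**").hasRole("ADMIN")
                .antMatchers("/report").permitAll()
                .anyRequest().authenticated())
            .httpBasic();
        return http.build();
    }

    @Bean
    UserDetailsService users() {
        // Constructed demo user; {noop} keeps the password in clear text, for a local demo only.
        return new InMemoryUserDetailsManager(
                User.withUsername("admin").password("{noop}admin").roles("ADMIN").build());
    }

    @Controller
    static class ReportController {

        // Reachable anonymously. Returning a "forward:" view name makes Spring MVC call
        // RequestDispatcher.forward(), i.e. a FORWARD dispatch to the admin endpoint.
        @GetMapping("/report")
        public String report() {
            return "forward:/admin/report";
        }

        // Higher-privilege endpoint that only ROLE_ADMIN should ever reach.
        @GetMapping("/admin/report")
        @ResponseBody
        public String adminReport() {
            return "sensitive admin report";
        }
    }
}

// Belongs in src/test/java. Starts the app on a random port and calls the public
// endpoint without credentials; the forwarded dispatch must be authorized on its own.
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
class ForwardAuthorizationTest {

    @Autowired
    TestRestTemplate rest;

    @Test
    void anonymousForwardToAdminIsRejected() {
        ResponseEntity<String> response = rest.getForEntity("/report", String.class);
        // Fixed versions (5.7.5 / 5.6.9) reject the forward with a 4xx status;
        // an affected version returns the admin body with HTTP 200.
        assertTrue(response.getStatusCode().is4xxClientError(),
                "expected rejection, got " + response.getStatusCode());
        assertFalse(String.valueOf(response.getBody()).contains("sensitive admin report"),
                "admin content leaked through the forward");
    }
}
```

Check the resolved artifact versions before trusting a green test: `mvn dependency:tree -Dincludes=org.springframework.security` (or `gradle dependencies --configuration runtimeClasspath`) should show spring-security-web, spring-security-config and spring-security-core at 5.7.5 / 5.6.9 or later. The same test is also the quickest way to confirm exposure on an existing deployment: with the configuration above and an affected version, the anonymous call to /report returns the admin body.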

Exploits (3)

nomisec WORKING POC 35 stars
by blipzip · poc
https://github.com/blipzip/cve-2022-31692
nomisec WORKING POC
by hotblac · poc
https://github.com/hotblac/cve-2022-31692
inthewild WORKING POC
poc
https://github.com/spindlesec/cve-2022-31692

Scores

CVSS v3 9.8
EPSS 0.0838
EPSS Percentile 92.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-639 (Authorization Bypass Through User-Controlled Key)
Status published
Products (3)
netapp/active_iq_unified_manager (2 CPE variants)
org.springframework.security/spring-security-core 5.7.0 to 5.7.4 (Maven; fixed in 5.7.5)
vmware/spring_security 5.6.0 to 5.6.8 (fixed in 5.6.9)
Published Oct 31, 2022
Tracked Since Feb 18, 2026