CVE-2024-22234

HIGH

Spring Security <6.1.7 & <6.2.2 - Info Disclosure

Title source: llm

Description

In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticated(Authentication) method. Specifically, an application is vulnerable if: * The application uses AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly and a null authentication parameter is passed to it resulting in an erroneous true return value. An application is not vulnerable if any of the following is true: * The application does not use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly. * The application does not pass null to AuthenticationTrustResolver.isFullyAuthenticated * The application only uses isFullyAuthenticated via Method Security https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html  or HTTP Request Security https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html

Exploits (1)

github STUB 5 stars
by shellfeel · javapoc
https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234

References (2)

Scores

CVSS v3 7.4
EPSS 0.0166
EPSS Percentile 82.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-284
Status published
Products (2)
org.springframework.security/spring-security-core 6.1.0 - 6.1.7Maven
vmware/spring_security 6.1.0 - 6.1.7
Published Feb 20, 2024
Tracked Since Feb 18, 2026