Threat Encyclopedia



This indicates an attack attempt against an Authentication Bypass vulnerability in Spring Security.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted request. Successful exploitation can potentially lead to information disclosure or privilege by pass.

affected-products-logoAffected Products

Spring Security 5.5.x prior to 5.5.7
Spring Security 5.6.x prior to 5.6.4
Spring Security Earlier unsupported versions

Impact logoImpact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References