CVE-2024-22234

CVE Database · CVE-2024-22234

CVE-2024-22234

· HIGHAnalyzed

CVSS v3.1

7.4

EPSS

0.68%

Published

Feb 20, 2024

Modified

Apr 2, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

In Spring Security, versions 6.1.x prior to 6.1.7 and versions 6.2.x prior to 6.2.2, an application is vulnerable to broken access control when it directly uses the AuthenticationTrustResolver.isFullyAuthenticated(Authentication) method. Specifically, an application is vulnerable if: * The application uses AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly and a null authentication parameter is passed to it resulting in an erroneous true return value. An application is not vulnerable if any of the following is true: * The application does not use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly. * The application does not pass null to AuthenticationTrustResolver.isFullyAuthenticated * The application only uses isFullyAuthenticated via Method Security https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html or HTTP Request Security https://docs.spring.io/spring-security/reference/servlet/authorization/authorize-http-requests.html

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Weaknesses (CWE)

CWE-284

Affected Products (2)

vmware · spring_security (up to 6.1.7)vulnerable

vmware · spring_security (up to 6.2.2)vulnerable

References (4)

https://security.netapp.com/advisory/ntap-20240315-0003/

Third Party Advisory

https://spring.io/security/cve-2024-22234

Vendor Advisory

https://security.netapp.com/advisory/ntap-20240315-0003/

Third Party Advisory

https://spring.io/security/cve-2024-22234

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs