Security Advisory

CVE-2024-22257

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-03-18 14:18:52

Last updated 2025-02-13 17:33:39

Assigner vmware

State PUBLISHED

Description

In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.

← Browse all CVEs View on cve.org ↗