CVE-2018-15801
Description
Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer.
Risk Information
Base Score
7.4
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
0.124
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-15801 are fixed in Spring-security-oauth2-jose 5.1.2 | Windows |
| Vulnerabilities CVE-2018-15801 are fixed in Spring-security-core 5.1.2 | Windows |
| Vulnerabilities CVE-2018-15801 are fixed in Spring-security-oauth2-jose for Linux 5.1.2 | Linux |
| Vulnerabilities CVE-2018-15801 are fixed in Spring-security-core for Linux 5.1.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234