CVE-2023-20873

🗓️ 20 Apr 2023 00:00:00Reported by vmwareType

Security bypass vulnerability in Spring Boot

Reporter	Title	Published	Views	Family All 38
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in VMware Tanzu Spring Boot	28 Jun 202321:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restriction bypass in VMware Tanzu Spring Boot (CVE-2023-20873)	12 Jul 202321:33	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	7 Jun 202316:53	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Network Automation 2.5.0 fixes multiple security vulnerabilities	20 Jun 202308:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in VMware Tanzu Spring Boot	14 Jul 202323:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Spring Framework affects IBM Process Mining . CVE-2023-20873	27 Jun 202311:49	–	ibm
Circl	CVE-2023-20873	21 Apr 202300:30	–	circl
CNNVD	Spring Framework 安全漏洞	20 Apr 202300:00	–	cnnvd
CVE	CVE-2023-20873	20 Apr 202300:00	–	cve
EUVD	EUVD-2023-1303	3 Oct 202520:07	–	euvd

[
  {
    "vendor": "n/a",
    "product": "Spring Boot",
    "versions": [
      {
        "version": "Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions",
        "status": "affected"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20230601-0009/
spring	www.spring.io/security/cve-2023-20873
spring	www.spring.io/blog/2023/05/18/spring-boot-2-5-15-and-2-6-15-available-now

28 Aug 2023 12:58Current

9.5High risk

Vulners AI Score9.5

EPSS0.00446