Lucene search

K
cvelistVmwareCVELIST:CVE-2023-20873
HistoryApr 20, 2023 - 12:00 a.m.

CVE-2023-20873

2023-04-2000:00:00
vmware
www.cve.org
spring boot
cloud foundry
version 3.0.0
version 2.7.0
unsupported versions
security bypass
cve-2023-20873

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.7%

In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Spring Boot",
    "versions": [
      {
        "version": "Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions",
        "status": "affected"
      }
    ]
  }
]

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.7%