6708 matches found
Apache Shiro < 1.8.0 Authentication Bypass
In Apache Shiro before 1.8.0, when Apache Shiro is used with Spring Boot, a specially crafted HTTP request may cause an authentication bypass. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. © Tenable, Inc...
This Week in Spring - May 31st, 2022
Hi, Spring fans! And welcome to another installment of This Week in Spring! I've just returned from three wonderful weeks overseas and now, I'm pleased as punch to convey, that I'm home! And hopefully, COVID-19 free! Who knows what sort of nonsense I caught on the flight home, anyway. Some things, I...
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS
A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems (CMS), web servers and Android devices. Threat actor group “Keksec” is believed to be behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...
Exploit for Incorrect Authorization in Vmware Spring_Security
CVE-2022-22978 Spring-Security Bypass Demo When using Rege...
Vulnerabilities fixed in IBM SPSS
Several vulnerabilities have been fixed in Spring Framework version 5.3.20 as part of IBM SPSS Collaboration and Deployment Services. The vulnerabilities can be exploited by a malicious user to execute arbitrary code and/or to cause a denial of service (DoS). These vulnerabilities...
Apache Shiro < 1.7.1 Authentication Bypass
In Apache Shiro before 1.7.1, when Apache Shiro is used with Spring, a specially crafted HTTP request may cause an authentication bypass. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. © Tenable, Inc. include("compat.inc"); i...
Security Bulletin: Multiple vulnerabilities in Spring Framework affect SPSS Collaboration and Deployment Services
Summary There are multiple vulnerabilities in Spring Framework used by SPSS Collaboration and Deployment Services. SPSS Collaboration and Deployment Services is affected but not classified as vulnerable to these issues. The fix includes Spring 5.3.20. Vulnerability Details CVEID: CVE-2022-22950...
Security Bulletin:IBM Common Licensing is affected but not classified as vulnerable by a remote code execution in Spring Framework (220575,CVE-2022-22965)
Summary IBM Common Licensing is affected but not classified as vulnerable to a remote code execution in Spring Framework (220575, CVE-2022-22965) as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a...
Exploit for Code Injection in Vmware Spring_Cloud_Gateway
CVE-2022-22947-exp Reproduced the...
KeySight N6841A RF Sensor Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of KeySight N6841A RF Sensor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of Spring Framework. The issue results from the lack of prop...
A Bootiful Podcast: the good Dr. David Syer on the new and novel in Spring and Kubernetes
Hi, Spring fans! In this installment, Josh Long talks to Spring Boot and Spring Cloud luminary, the good Dr. @DavidSyer, about the latest and greatest on Spring and Kubernetes...
Security Bulletin: IBM Sterling Control Center is affected but not classified as vulnerable by a remote code execution in Spring Framework (CVE-2022-22965)
Summary IBM Sterling Control Center is affected but not classified as vulnerable to a remote code execution in Spring Framework (CVE-2022-22965) as it does not meet all of the following criteria: 1. JDK 9 or higher, 2. Apache Tomcat as the Servlet container, 3. Packaged as WAR in contrast to a Spri...
cc.ecore:spring-jfinal (=0.0.1), cc.ecore:spring-jfinal-plugin (>=0.1.0 <=0.1.2) +134 more potentially affected by CVE-2019-17352 via com.jfinal:jfinal (>=1.4 <=4.4)
com.jfinal:jfinal MAVEN version =1.4, =0.1.0, =0.1.1, =1.0, =0.0.8, =0.0.8, =0.0.8, =0.1, =1.2.2 - cn.dreampie:jfinal-flyway =0.1 - cn.dreampie:jfinal-lesscss =0.1 and more Source cves: CVE-2019-17352 Source advisory: OSV:GHSA-279P-PC38-XX4P...
ai.test.sdk:test-ai-appium (>=0.0.1 <=0.1.0), berlin.yuna:nats-server-embedded (>=2.2.37 <=2.2.40) +3950 more potentially affected by CVE-2021-22096 via org.springframework:spring-core (>=5.3.0 <=5.3.10)
org.springframework:spring-core MAVEN version =5.3.0, =0.0.1, =2.2.37, =0.5.3, =1.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.3.5, =1.0.0, =1.0.22, =1.0.36 - ch.voulgarakis:quickfixj-spring-boot-actuator =1.0.3.RELEASE and more Source cves: CVE-2021-22096 Source advisory:...
GHSA-RFMP-97JJ-H8M6 Improper Output Neutralization for Logs in Spring Framework
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
ai.ylyue:yue-library-auth-client (>=j8.2.3.0 <=j11.2.3.3), ai.ylyue:yue-library-auth-service (>=j8.2.3.0 <=j11.2.3.3) +7514 more potentially affected by CVE-2021-22096 via org.springframework:spring-core (>=5.2.0.RELEASE <=5.2.17.RELEASE)
org.springframework:spring-core MAVEN version =5.2.0.RELEASE, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =j8.2.3.0, =2.3.0.RELEASE, =2.3.0.RELEASE, =2.3.0.RELEASE, =2.3.0.RELEASE, =2.3.0.RELEASE, =2.3.1.RELEASE and more Source cves:...
Improper Output Neutralization for Logs in Spring Framework
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries...
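The two log-injection entries above (GHSA-RFMP-97JJ-H8M6 / CVE-2021-22096) describe the same weakness: user-controlled text containing CR/LF is written into a log line, so a line-oriented consumer sees extra, attacker-authored entries. The following is an added example, not code from Spring or from the advisories, written in Python because the neutralization rule is language-independent; the log format, the `ENTRY_RE` pattern and the User-Agent value are constructed for illustration only.

```python
"""Log injection (CWE-117): raw vs neutralized user input in a log line.

Added illustration; the log layout and sample header value are constructed
for this example and are not taken from Spring Framework or the advisory.
"""
import re

# Constructed attacker-controlled header value: a legitimate-looking prefix,
# then CRLF, then a forged "login ok" entry in the same layout the app uses.
MALICIOUS_UA = (
    "Mozilla/5.0\r\n"
    "2022-05-31 10:00:01 INFO  [auth] login ok user=admin ip=10.0.0.1"
)
BENIGN_UA = "Mozilla/5.0 (X11; Linux x86_64)"

# What a line-oriented consumer (grep, a SIEM parser) treats as the start of
# one entry: timestamp, level, space. Assumed layout for this example.
ENTRY_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (DEBUG|INFO|WARN|ERROR) ", re.M
)

# Every ASCII control character, CR (0x0d) and LF (0x0a) included.
_CTRL = re.compile(r"[\x00-\x1f\x7f]")


def format_raw(ts: str, level: str, component: str, msg: str) -> str:
    """'Before': the user-controlled text is spliced into the line verbatim."""
    return f"{ts} {level:<5} [{component}] {msg}"


def neutralize(value: str) -> str:
    """Replace each control character with a visible \\xNN escape so the
    value can never terminate the current entry or start a new one."""
    return _CTRL.sub(lambda m: "\\x%02x" % ord(m.group()), value)


def format_safe(ts: str, level: str, component: str, msg: str) -> str:
    """'After': same layout, but the message is neutralized first."""
    return f"{ts} {level:<5} [{component}] {neutralize(msg)}"


def count_entries(log_text: str) -> int:
    """Number of entries a line-oriented log consumer would see."""
    return len(ENTRY_RE.findall(log_text))


def demo() -> tuple[int, int]:
    """Write the same request once through each formatter and compare
    how many entries downstream tooling would count."""
    ts = "2022-05-31 10:00:00"
    raw = format_raw(ts, "WARN", "web", "rejected request ua=" + MALICIOUS_UA)
    safe = format_safe(ts, "WARN", "web", "rejected request ua=" + MALICIOUS_UA)
    return count_entries(raw), count_entries(safe)


if __name__ == "__main__":
    raw_count, safe_count = demo()
    print("entries seen with raw formatting:       ", raw_count)
    print("entries seen with neutralized formatting:", safe_count)
    print(format_safe("2022-05-31 10:00:00", "WARN", "web", "ua=" + MALICIOUS_UA))
```

The fix is deliberately an escape rather than a strip: dropping CR/LF silently would hide that an injection was attempted, whereas a literal `\x0d\x0a` in the stored line is both harmless to parsers and a usable detection signal.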
Exposure of Resource to Wrong Sphere in Spring Data REST
In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for...
GHSA-FX7F-RJQJ-52PJ Deserialization of Untrusted Data in Spring AMQP
In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100%...