Lucene search
+L

9 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-31690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certai...

8.1CVSS7AI score0.01011EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/05 3:10 p.m.48 views

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . CVE-2022-31690

Summary There is a vulnerability in Spring Security that could allow a remote attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-31690...

8.1CVSS8.8AI score0.01011EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/04/12 12:2 p.m.142 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update

Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

9.8CVSS7AI score0.99931EPSS
Exploits46References11
RedHat Linux
RedHat Linux
added 2023/03/16 9:31 a.m.55 views

Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS6.7AI score0.08689EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2023/03/16 7:57 a.m.60 views

Important: Red Hat Security Advisory: Migration Toolkit for Runtimes security bug fix and enhancement update

Migration Toolkit for Runtimes 1.0.2 release Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS6.7AI score0.05796EPSS
Exploits6References5
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/10 10:39 a.m.37 views

Security Bulletin: IBM Sterling Partner Engagement Manager is vulnerable unauthorized privilege escalation due to Spring Security (CVE-2022-31690)

Summary IBM Sterling Partner Engagement Manager has addressed a vulnerablity in Spring Security that allows a remote attacker to gain elevated privileges on the system. Vulnerability Details CVEID:CVE-2022-31690 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to gain...

8.1CVSS8.8AI score0.01011EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2022/11/01 12:0 p.m.8 views

cn.kduck:kduck-security-principal (=1.1.3), com.atlassian.connect:atlassian-connect-spring-boot-core (>=3.0.0 <=3.0.10) +338 more potentially affected by CVE-2022-31690 via org.springframework.security:spring-security-oauth2-client (>=5.7.1 <=5.7.4)

org.springframework.security:spring-security-oauth2-client MAVEN version =5.7.1, =3.0.0, =3.0.0, =4.3.0, =5.1.3, =5.1.3, =5.1.0, =4.2.0, =0.1.33, =1.18.8, =1.18.8, =2.9 - com.graphql-java-generator:graphql-maven-plugin =1.18.8 and more Source cves: CVE-2022-31690https://vulners.com/cve/CVE-2...

8.1CVSS7.2AI score0.01011EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/10/31 12:0 a.m.11 views

CVE-2022-31690

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

8.1AI score0.01011EPSS
Exploits0References2
CVE
CVE
added 2022/10/31 12:0 a.m.429 views

CVE-2022-31690

CVE-2022-31690 affects Spring Security versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9. A malicious user could modify a client-initiated request to the Authorization Server, leading to privilege escalation on the subsequent approval if the OAuth2 Access Token Response incorrectly contains an e...

8.1CVSS7.8AI score0.01011EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder