Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:40310
HistoryApr 27, 2023 - 10:39 a.m.

Access Restriction Bypass

2023-04-2710:39:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
55
spring boot actuator autoconfigure
access restriction bypass
vulnerability
improper wild card matching
remote attacker
cloud foundry
system access

EPSS

0.007

Percentile

80.7%

org.springframework.boot:spring-boot-actuator-autoconfigure is vulnerable to Access Restriction Bypass. The vulnerability is due to improper wild card matching, which allows a remote attacker to bypass access restrictions and gain access to the system. Please note that the vulnerability is only applicable if its deployed on Cloud Foundry.