Spring Security 5.6.x < 5.6.9 / 5.7.x < 5.7.5 授权绕过

critical Nessus 插件 ID 171061

版本 1.1

Feb 9, 2023, 2:50 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")
  • Exploit attributes ("Exploit available" set to "False")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")

Plugin Feed: 202302090250