#VU75408 Security features bypass in Spring Security - CVE-2023-20862
Vulnerability identifier: #VU75408
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-254
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Spring Security
Server applications /
Frameworks for developing and running applications
Vendor: VMware, Inc
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the logout support does not properly clean the security context if using serialized versions. A remote attacker can save an empty security context to the HttpSessionSecurityContextRepository and keep users authenticated even after they performed logout.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Spring Security: 5.7.0 - 5.7.7, 5.8.0 - 5.8.2, 6.0.0 - 6.0.2
External links
https://spring.io/security/cve-2023-20862
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
