Spring Security 5.6.x < 5.6.9 / 5.7.x < 5.7.5 授權繞過

critical Nessus Plugin ID 171061

版本 1.1

Feb 9, 2023, 2:50 AM

  • CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:OF/RC:C")
  • CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:O/RC:C")
  • Exploit attributes ("Exploit available" set to "False")
  • Exploit attributes ("Exploitability ease" set to "No known exploits are available")

Plugin Feed: 202302090250

版本 1.0

Feb 7, 2023, 12:02 PM

  • New

Plugin Feed: 202302071202

* Changelogs are generally available for changes made after Nov 1, 2022