CVE-2024-22234 | VMware Spring Security up to 6.1.6/6.2.1 AuthenticationTrustResolver.isFullyAuthenticated access control

Posted by Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability classified as critical has been found in VMware Spring Security up to 6.1.6/6.2.1. Affected is the function AuthenticationTrustResolver.isFullyAuthenticated. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-22234. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22234 | VMware Spring Security up to 6.1.6/6.2.1 AuthenticationTrustResolver.isFullyAuthenticated access control

Related Posts

CVE-2023-6922 | acurax Under Construction Maintenance Mode Plugin up to 2.6 on WordPress Email Address acx_csma_subscribe_ajax information disclosure

CVE-2024-5938 | Boot Store Plugin up to 1.6.4 on WordPress Button Shortcode cross site scripting

CVE-2024-6819 | IrfanView PSP File Parser out-of-bounds write

CVE-2024-22637 | Form Tools 3.1.1 preview.php cross site scripting (ID 176403)