CVE-2024-22234 | VMware Spring Security up to 6.1.6/6.2.1 AuthenticationTrustResolver.isFullyAuthenticated access control

Posted by Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability classified as critical has been found in VMware Spring Security up to 6.1.6/6.2.1. Affected is the function AuthenticationTrustResolver.isFullyAuthenticated. The manipulation leads to improper access controls.

This vulnerability is traded as CVE-2024-22234. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22234 | VMware Spring Security up to 6.1.6/6.2.1 AuthenticationTrustResolver.isFullyAuthenticated access control

Related Posts

CVE-2024-28112 | Peering Manager up to 1.8.2 name cross site scripting (GHSA-fmf5-24pq-rq2w)

CVE-2023-6379 | Alkacon Open CMS 14/15 cross site scripting

CVE-2023-7123 | SourceCodester Medicine Tracking System 1.0 Master.php id/name/description sql injection

CVE-2024-9355 | golang-fips uninitialized resource