CVE-2024-38827 | VMware Spring Security up to 6.3.4 Authorization Rule String.toLowerCase/String.toUpperCase authorization

Posted by Angelo Barbosa | Dec 2, 2024 | CVE

A vulnerability was found in VMware Spring Security up to 6.3.4. It has been declared as problematic. Affected by this vulnerability is the function String.toLowerCase/String.toUpperCase of the component Authorization Rule Handler. The manipulation leads to authorization bypass.

This vulnerability is known as CVE-2024-38827. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38827 | VMware Spring Security up to 6.3.4 Authorization Rule String.toLowerCase/String.toUpperCase authorization

Related Posts

CVE-2024-28960 | mbed TLS up to 2.28.7/3.5.x PSA Crypto API Privilege Escalation

CVE-2024-6732 | SourceCodester Student Study Center Desk Management System 1.0 Users.php id sql injection

CVE-2023-50089 | Netgear WNR2000v4 1.0.0.70 HTTP for SOAP Authentication command injection

CVE-2024-11032 | Parsi Date Plugin up to 5.1.1 on WordPress add_query_arg cross site scripting