PRIOn knowledge basePRION:CVE-2018-1258Authorization
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
References
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
www.securityfocus.com/bid/104222
www.securitytracker.com/id/1041888
www.securitytracker.com/id/1041896
access.redhat.com/errata/RHSA-2019:2413
pivotal.io/security/cve-2018-1258
security.netapp.com/advisory/ntap-20181018-0002/
www.oracle.com/security-alerts/cpuapr2020.html
www.oracle.com/security-alerts/cpujan2020.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/security-alerts/cpuoct2021.html
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Related
