Lucene search
Redhat.comRH:CVE-2019-11272HistoryOct 11, 2019 - 6:16 p.m.
CVE-2019-11272
2019-10-1118:16:25
redhat.com
access.redhat.com
9
0.001 Low
EPSS
Percentile
35.4%
A flaw was found in Spring Security in several versions, in the use of plain text passwords using the PlaintextPasswordEncoder. If an application is using an affected version of Spring Security with the PlaintextPasswordEncoder and a user has a null encoded password, an attacker can use this flaw to authenticate using a password of “null.”
Related
cvelist
cvelist
openvas
openvas
Debian: Security Advisory (DLA-1848-1)
2019-07-10 00:00:00
github
github
nessus
nessus
Debian DLA-1848-1 : libspring-security-2.0-java security update
2019-07-11 00:00:00
debian
debian
[SECURITY] [DLA 1848-1] libspring-security-2.0-java security update
2019-07-09 06:25:18
ubuntucve
ubuntucve
CVE-2019-11272
2019-06-26 00:00:00
osv
osv
Insufficiently Protected Credentials and Improper Authentication in Spring Security
2019-06-27 17:24:58
CVE-2019-11272
2019-06-26 14:15:09
libspring-security-2.0-java - security update
2019-07-08 00:00:00
nvd
nvd
CVE-2019-11272
2019-06-26 14:15:09
cve
cve
CVE-2019-11272
2019-06-26 14:15:09
prion
prion
Design/Logic Flaw
2019-06-26 14:15:00
veracode
veracode
Authentication Bypass Via Null Authentication
2019-06-27 09:28:20
ibm
ibm
redhat
redhat
(RHSA-2020:0983) Important: Red Hat Fuse 7.6.0 security update
2020-03-26 15:40:22