CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
89.5%
Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5
and 2.0.0 through 2.0.6, and possibly other versions deserialize objects
from untrusted sources, which allows remote attackers to bypass intended
security restrictions and execute untrusted code by (1) serializing a
java.lang.Proxy instance and using InvocationHandler, or (2) accessing
internal AOP interfaces, as demonstrated using deserialization of a
DefaultListableBeanFactory instance to execute arbitrary commands via the
java.lang.Runtime class.