Lucene search
Veracode Vulnerability DatabaseVERACODE:20621HistoryJun 27, 2019 - 9:28 a.m.
Authentication Bypass Via Null Authentication
2019-06-2709:28:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
35.4%
spring-security is vulnerable to authentication bypass. The cause of vulnerability is due to the use of PlaintextPasswordEncoder, validating the authentication of a user if a null encoded password is entered.
Related
cvelist
cvelist
openvas
openvas
Debian: Security Advisory (DLA-1848-1)
2019-07-10 00:00:00
github
github
nessus
nessus
Debian DLA-1848-1 : libspring-security-2.0-java security update
2019-07-11 00:00:00
redhatcve
redhatcve
CVE-2019-11272
2019-10-11 18:16:25
debian
debian
[SECURITY] [DLA 1848-1] libspring-security-2.0-java security update
2019-07-09 06:25:18
ubuntucve
ubuntucve
CVE-2019-11272
2019-06-26 00:00:00
osv
osv
Insufficiently Protected Credentials and Improper Authentication in Spring Security
2019-06-27 17:24:58
CVE-2019-11272
2019-06-26 14:15:09
libspring-security-2.0-java - security update
2019-07-08 00:00:00
nvd
nvd
CVE-2019-11272
2019-06-26 14:15:09
cve
cve
CVE-2019-11272
2019-06-26 14:15:09
prion
prion
Design/Logic Flaw
2019-06-26 14:15:00
ibm
ibm
redhat
redhat
(RHSA-2020:0983) Important: Red Hat Fuse 7.6.0 security update
2020-03-26 15:40:22