Lucene search
Veracode Vulnerability DatabaseVERACODE:7622HistoryOct 19, 2018 - 5:39 a.m.
Privilege Escalation
2018-10-1905:39:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.003
Percentile
70.4%
spring-security-oauth2 is vulnerable to privilege escalation. The library does not properly handle the AuthorizationRequest parameter state, allowing a malicious user to pass a request to an approval endpoint and modify a previous authorization request, leading to a privilege escalation.
Related
cve
cve
CVE-2018-15758
2018-10-18 22:29:00
redhatcve
redhatcve
CVE-2018-15758
2018-10-25 12:49:48
github
github
cvelist
cvelist
CVE-2018-15758 Privilege Escalation in spring-security-oauth2
2018-10-18 22:00:00
nvd
nvd
CVE-2018-15758
2018-10-18 22:29:00
osv
osv
Authorization bypass in org.springframework.security.oauth:spring-security-oauth2
2018-10-19 22:00:28
CVE-2018-15758
2018-10-18 22:29:00
prion
prion
Authorization
2018-10-18 22:29:00
redhat
redhat
(RHSA-2019:2413) Important: Red Hat Fuse 7.4.0 security update
2019-08-08 10:07:26