Authorization Bypass During JWT Issuer Validation with spring-security
CVE-2018-15801

3.3 LOW

Key Information:

Vendor
CVE Published: 19 December 2018

What is CVE-2018-15801?

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. To be impacted, the same private key must be used to sign JWTs for both an honest issuer and a malicious user. In that case, the malicious user could craft signed JWTs carrying the malicious issuer URL that may be accepted as if they had been issued by the honest issuer.
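As an added illustration, not code from this advisory or from Spring Security itself: a minimal resource-server check that trusts any token signed under the shared key, beside one that additionally requires the `iss` claim to equal the configured issuer exactly. The key, the issuer URLs and the use of HS256 in place of an asymmetric key pair are constructed assumptions for a self-contained demo.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo values: one key shared by the honest issuer and the attacker,
# which is the precondition the advisory describes. HS256 stands in for the
# asymmetric key pair purely to keep the example self-contained.
SHARED_KEY = b"constructed-demo-key"
TRUSTED_ISSUER = "https://honest.example/issuer"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_jwt(claims: dict, key: bytes) -> str:
    """Issue an HS256 JWT over the given claims (the issuer's side)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps(claims).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def decode_signature_only(token: str, key: bytes) -> dict:
    """Weak resource-server check: any token under this key is trusted,
    regardless of who the 'iss' claim says issued it."""
    header, payload, sig = token.split(".")
    if json.loads(_b64url_decode(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig)):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(payload))

def decode_with_issuer(token: str, key: bytes, issuer: str) -> dict:
    """Hardened check: valid signature AND an exact match of 'iss' against
    the single issuer this resource server was configured to trust."""
    claims = decode_signature_only(token, key)
    if claims.get("iss") != issuer:
        raise ValueError(f"untrusted issuer {claims.get('iss')!r}")
    return claims

def accepted(decoder, token: str) -> bool:
    """True if the decoder accepts the token, False if it rejects it."""
    try:
        decoder(token)
        return True
    except ValueError:
        return False
```

A token carrying a different `iss` but signed with the shared key passes `decode_signature_only` and is rejected by `decode_with_issuer`, which is the check the advisory calls for.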

Affected Version(s)

Spring Security 5.1.x < 5.1.2

References

CVSS V3.1

Score: 3.3
Severity: LOW
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved
