Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring security 3.1.3 vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2014-0097
The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password.
Vmware Spring Security 3.1.4
Vmware Spring Security 3.1.0
Vmware Spring Security 3.1.5
Vmware Spring Security 3.1.3
Vmware Spring Security 3.1.1
Vmware Spring Security 3.1.2
Vmware Spring Security 3.2.1
Vmware Spring Security 3.2.0
9.8
CVSSv3
CVE-2014-3527
When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information f...
Vmware Spring Security 3.1.4
Vmware Spring Security 3.1.0
Vmware Spring Security 3.1.3
Vmware Spring Security 3.1.1
Vmware Spring Security 3.1.2
Vmware Spring Security 3.2.1
Vmware Spring Security 3.2.3
Vmware Spring Security 3.2.0
Vmware Spring Security 3.2.4
Vmware Spring Security 3.2.2
NA
CVE-2012-5055
DaoAuthenticationProvider in VMware SpringSource Spring Security prior to 2.0.8, 3.0.x prior to 3.0.8, and 3.1.x prior to 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote malicious users to enumerate valid u...
Vmware Springsource Spring Security 2.0.3
Vmware Springsource Spring Security
Vmware Springsource Spring Security 2.0.5
Vmware Springsource Spring Security 2.0.2
Vmware Springsource Spring Security 2.0.0
Vmware Springsource Spring Security 2.0.1
Vmware Springsource Spring Security 2.0.4
Vmware Springsource Spring Security 3.0.0
Vmware Springsource Spring Security 3.0.2
Vmware Springsource Spring Security 3.0.5
Vmware Springsource Spring Security 3.0.3
Vmware Springsource Spring Security 3.0.1
Vmware Springsource Spring Security 3.0.4
Vmware Springsource Spring Security 3.1.1
Vmware Springsource Spring Security 3.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started