CVE-2022-31690

Published: 31/10/2022 Updated: 08/08/2023
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 0

Vulnerability Summary

Spring Security versions 5.7 before 5.7.5 and 5.6 before 5.6.9, as well as older unsupported versions, could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server, which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.

Vulnerable Product

vmware spring security

netapp active iq unified manager -

Vendor Advisories

Synopsis: Moderate: OpenShift Container Platform 41056 security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 41056 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Pla ...
Synopsis: Critical: OpenShift Container Platform 41056 security update. Type/Severity: Security Advisory: Critical. Topic: Red Hat OpenShift Container Platform release 41056 is now available with updates to packages and ima ...
Synopsis: Important: Migration Toolkit for Runtimes security bug fix and enhancement update. Type/Severity: Security Advisory: Important. Topic: Migration Toolkit for Runtimes 102 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis: Critical: Multicluster Engine for Kubernetes 224 security fixes and container updates. Type/Severity: Security Advisory: Critical. Topic: Multicluster Engine for Kubernetes 224 General Availability release images, which fix security issues and update container images. Red Hat Product Security has rated this update as having a security ...
Synopsis: Important: Migration Toolkit for Applications security and bug fix update. Type/Severity: Security Advisory: Important. Topic: Migration Toolkit for Applications 610 release. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services: CVE-2022-31690, CVE-2022-31692. Affected products and versions are listed below. Please upgrade your version to the appropriate version ...

Github Repositories

About me: Contributor to several Spring projects. Committer / PMC of Apache Wicket. Contact: XING: wwwxingcom/profile/Tobias_Soloschenko